last executing test programs: 2.720813838s ago: executing program 3 (id=3688): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xfffffffffffefffd, 0x17) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x3, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x1) madvise$auto(0x0, 0x20499d, 0x9) madvise$auto(0x0, 0xffffffffffff0001, 0x15) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) futex_waitv$auto(&(0x7f0000000000)={0x8, 0x5d94, 0x4, 0x4}, 0x77, 0x0, 0x0, 0x62bd) mprotect$auto(0x1ffff000, 0x8000000000000001, 0x4) io_uring_setup$auto(0x40005, &(0x7f0000000000)={0x6, 0x1, 0x400, 0x7, 0x1005, 0x6, 0x7, [0x4, 0x2e9, 0x8], {0x0, 0x1, 0x8, 0x7, 0x5, 0x100005, 0x1, 0xfffffffc, 0x7}, {0x4, 0xfff, 0xffff7fff, 0x2, 0x8, 0x200, 0x3, 0x0, 0x3}}) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) getcwd$auto(0x0, 0xffffffffffffffff) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) inotify_add_watch$auto(0x4, 0x0, 0xe6e) open(&(0x7f0000000000)='./file0\x00', 0x4242, 0x0) bpf$auto(0xb, 0x0, 0x3) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000000), 0xb4140, 0x0) 1.805164604s ago: executing program 0 (id=3696): pwrite64$auto(0xc8, &(0x7f0000000080)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x86\xdde\x1cJ\x99\x00\x00/\x00\x00\x00\xfd\xfdX\xd3\x1d\xf8\xbebZ\xddL\x01\x00\x00\x00^\x0fo\x84\xfc\x89\v\xea\b\x00\x00`\x00\x00\x00\x00\x01\x88\v\xae\xa9i8W\xe5Iq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8dg\x81K*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,,\x93\xba\x88\x93\xc6#\xe5\xaae\x9d\xb6\x1a\x7f\xc0%\xb0\rfOJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd0\xbdn\x1d\b\xeb]B\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00'/232, 0xfded, 0x3) 1.759549516s ago: executing program 0 (id=3697): r0 = openat$auto_snd_pcm_oss_f_reg_pcm_oss(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x20342, 0x0) ioperm$auto(0x3, 0xe, 0x2000000000000149) ppoll$auto(&(0x7f0000000000)={r0, 0x40}, 0x2, 0x0, 0x0, 0x8) openat$auto_ftrace_subsystem_filter_fops_trace_events(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/tracing/events/vmalloc/filter\x00', 0x0, 0x0) (async) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async) socket$nl_generic(0x10, 0x3, 0x10) sendmmsg$auto(0xc0, &(0x7f0000000000)={{0x0, 0x22, 0x0, 0xa, 0x0, 0x989, 0x1}, 0x3}, 0x9a6, 0xfffffffe) io_uring_setup$auto(0x3ff, 0x0) (async) socket(0xa, 0x3, 0x3a) socket$nl_generic(0x10, 0x3, 0x10) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) set_mempolicy$auto(0x2, &(0x7f0000000080)=0x7e, 0x4) (async) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) (async) madvise$auto(0x0, 0xffffffffffff0005, 0x19) (async) openat$auto_vmuser_fops_vmci_host(0xffffffffffffff9c, &(0x7f0000000000), 0x2102, 0x0) r1 = openat$auto_proc_iter_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000000)='/proc/kcore\x00', 0x101000, 0x0) madvise$auto(0x0, 0x7fffffffffffffff, 0x16) (async) r2 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x0, 0x0) ioctl$auto_KVM_CREATE_VM(r2, 0xae01, 0x0) (async) clone$auto(0x21, 0x9, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x6) (async) r3 = openat$auto_seq_oss_f_ops_seq_oss(0xffffffffffffff9c, &(0x7f0000000540)='/dev/sequencer2\x00', 0x1c8340, 0x0) ioctl$auto(r3, 0xc074510c, 0x3) (async) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000300), r4) sendmsg$auto_ETHTOOL_MSG_DEBUG_SET(r4, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000900)={&(0x7f00000000c0)=ANY=[@ANYBLOB="2c0000008542b00e7bcfed2438", @ANYRES16=r5, @ANYBLOB="010026bd7000ffdbdf2508000000180001801400020076657468315f766972745f7769666900"], 0x2c}, 0x1, 0x0, 0x0, 0x4000004}, 0x4000080) read$auto_proc_iter_file_ops_compat_inode(r1, &(0x7f0000000680)=""/227, 0xe3) openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/stat\x00', 0x20000, 0x0) (async) ioctl$auto_evdev_fops_evdev(0xffffffffffffffff, 0x80004519, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) 1.70752128s ago: executing program 0 (id=3698): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x22, 0x1, 0x0) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x4000008000) r0 = socket(0x2, 0x1, 0x0) close_range$auto(0x2, 0x8, 0x0) memfd_create$auto(0x0, 0xe) r1 = socket(0x2, 0x1, 0x106) connect$auto(0x3, &(0x7f00000000c0), 0x55) setsockopt$auto(r1, 0x1, 0x21, 0x0, 0x9) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @loopback}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) write$auto(0x3, 0x0, 0xfdf3) shutdown$auto(0x200000003, 0x2) io_uring_setup$auto(0x6, 0x0) madvise$auto(0x0, 0xffffffffffff0005, 0x17) mmap$auto(0x3, 0x4, 0x4000000000dc, 0x40eb2, 0xa1c, 0x8) madvise$auto(0xffffffffffffffff, 0xffffffff7fffffff, 0x40000019) madvise$auto(0xf, 0x4, 0x9) syz_genetlink_get_family_id$auto_ovs_meter(0x0, 0xffffffffffffffff) socket(0x8, 0x5, 0x6) r2 = socket(0x8, 0x0, 0x4) read$auto(0x3, 0x0, 0xfdef) r3 = clone3$auto(&(0x7f0000000180)={0x100000001, 0x79c, 0x9, 0x9, 0x5, 0x548, 0x0, 0x2, 0x6, 0xbb2, 0xffff}, 0x61b) r4 = geteuid() fsconfig$auto(0xffffffffffffffff, 0x5, 0x0, 0x0, r4) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000000), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', 0x0}) sendmsg$auto_ETHTOOL_MSG_COALESCE_SET(r5, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000c80)={&(0x7f0000000080)={0x28, r6, 0x1, 0x70bd2a, 0x25dfdbfc, {}, [@ETHTOOL_A_COALESCE_USE_CQE_MODE_RX={0x5}, @ETHTOOL_A_COALESCE_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x20000080}, 0x0) sendmsg$auto_NL802154_CMD_SET_PAN_ID(r2, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000080)={&(0x7f0000000200)={0x14d0, 0x0, 0x1, 0x70bd25, 0x25dfdbfe, {}, [@NL802154_ATTR_SEC_KEY={0x1495, 0x30, 0x0, 0x1, [@nested={0x4, 0xe2, 0x0, 0x1, [@generic]}, @generic="6bfbbc96e450594c20a1b0011754ba94b6f9e5f74919bb", @nested={0xe6, 0x8f, 0x0, 0x1, [@nested={0x4, 0x44}, @generic="d7a0dac01a8d99a94a01db9565542d8ec4aa09834dec34e9e8cd6205c746dc118ec882c52fac4ca1111afda8ab50069ea76290ca64fe37c0350ff452b4ce0a2e212bfe10b62b5501951170304714f59b356516f80c5dd01b16f91bf1895bc5cf116b36e2667358b9a5cc7f183b693ce1091066a2f31bdb76928c17243f66a48c7ecf97fcbe49a8c01f06f538adda64a9995d07edb96a057c4f9032c1af4113cfc5fe2f534efae12e18b555309ecb07c8909a9404228b1a6b48425d56ded154ee125db2aa70320a7cd337058c60721d8389b1d940cfde54b082683dc56df6"]}, @generic="f9daa123f2d93af6c5cdb1730d177ede4a5508ec85f1054bc77429ebac57acdecd5f804bc0df0c198607bdae09ff445f3a67d9177dac196ca87d08af294763d5ddec5d325b8506958698eba453f589999868d46a96c9736892bcdb41c88588c1a371c8985b9ee42ab06b53df06921aebb182255c700267c962a21d62f4bb021eae0b", @nested={0x1004, 0x20, 0x0, 0x1, [@generic="792dbaa84d87973100d0b194783d02d5ada7f63b4e250c9b623ca6e598761a4bd57f77828807006ed8b0b864ffc24e32be014a12ff910bf2d331fc3f96a76a8174d64a1244e753d6be1789a328807886136cd72889d7c0e5e50c3f3a87a09cab6fb85c865f6289faeacef47519c02d1d24d54c2142cc6594cbaec2a827a056cc577e697e6f0ff5dbc4e653909c1251f1da89df4c4761a1fda780cfb045c23ba2a1ea7d73ba1d80a5ee0ec0a767522e880a648eb1f1ebea500d84e6b5d01ac7c3045ecfd099834183b4d12737369902f80e893f927e5f1e835191537bafb588836e68f8aa08e5eba5c759635382492b7fe05235784b2b6f5d4c97cc1d8f30e20cfd3e500ae3f554e804a6c8392fe142ddab3f5d66f4ee98b22fa97b029a17e56465770bf5730f5b1c8fb4f175f0c7984549e536a3d8899c12de09f8cc599bf7b349b60ea8e31aa8050dc4ba580566b8d5b7563dbd6bfe8c1f56d652f3df098a89edb660f204ff6a4cfc094ca5de141e6b436b76a52f20828fef227ccfd9c2598b25128eb627bf1cf6c68c5d03bbf76554fbabcc63609e28aa31f4841f9765a2ec85deac6b66b2a9e35afe5ea00533d598554c5aaf7e36f0b7ab7a6f32c4eadbdf624a346c06a16d538ed3f2dc4bd62e81fb8658aa71bd751bbdab96f5e8aaa71a77ecd4949b6be410899d59c7a49b62df2f4c35572b53a5cbb2e0e06a1031532bc43f8d9c5162a81c77b93f49253e5a2970d21c3c671550d9ef9a2d6124d335376645d8c53b5f856125973b38dddcdf6bec261a7cbd0b6af900ba645dc8cfcd2a603597b8c835fa9e7aa76b9ae9bb8fb2b667651914febd49050117890c1a8f320372ff8b44032f8cef076acb30e2de3730e3f2af18119acc89a3efe51bf85ff3ebbbeefeac308e5a40a7867b9127f5188c70248e4832b1ef27c3ccf4aa2679da2b46bd114bb374e6c1bb98ac9f10ebb6585c07354326978ef09938e640a2df4450b1d2ba110831db869ff089f2f20800b5ae6c77396b353801507b1a7da2a285ff6505c7b966993a02113b33073a9b81a357381bf63d688c90584d9e8adf3d04c9adc0f075abf993d9728847bc3eb95d9052f07e883cb3b6a15e6f1064ed025e883fa3b6c0a99805aa17d163fa27cc43c1a5d756255ae3d7f37913ebee655f4ed3e5d12362a9b03253640de6a7f44fad7c95ade3e43893463646c5fbcbcbc88cf10672480f69e7c2efce3b476b4ff73a7260d8f37adcb55f356b0a05e2164644af3bd965be732e2a807b18dfacb33ea9d9225ec78849426d643874e01688db3fce9b1808a8f037bfb3e11bd15a63fb313068042810d7d2cbbc14ae78b62a9ad86db94f0c34ae7394983d3e16fa5f0e23b0c65702da949821fe026fca4c4c7d2d12436593365562fbc55f543712e3f69e31cbc96566e211cb2e8630d398aa2620604fc29fcda021c28aeff953d25f779350245c3f276562a40e49a44d32981e1ba8c4bff61ff58f4189943abae6926efee5e0e9147336c555b0410cba0ea2414330963a73c1096a6c744c40b78650448f9b093dfc770774621333cf1d18fa1f13ed0a32ff458d550aff7690ea3a25f5385f0d43d95e6043d75d1c2f601ba0875d7f4a261452ff3edbf671a3e7e1c281336acab89670296d2fe4e5d8e1ae7ade9fde71db27fd82e8bc15d0d35d9ca63b91a734b52d0766393dc0cb6b28ece996fea32ff3492c4063c2d327e0df5a9561cabc5f68671dcf7afd3787235a0f5a53f9de9ec5043269efd9c8857e00f24264099d37d1adc6e7458abf9253ff5d8bbd22e5eedd1419dbc8d386c733d0e484617f7d678406c6652f115cc3d53af5b2a4c74423de6e485841e944ffd2973f3a98d3ca143cf962542e919205aeb85c89186d63eba8a37b0c70c766ec7513f4a923e59a69b131b12a96fbc5c2ebcb97c4540e3c5cf9b2a8709b4dd59b7b8c5cd258af65dd88ba3bf943f6696e86f4d73c847d7802c30383f665eeee2e802a87e7e4490357a04b6e36d632540a5c914c411055183ced1a3f215cc193f2cc80d5fd275b348c54bf6090c91e03dacb9e2964322c98197dc496ef29290bfb12d777e324085f7b236d26e19f992ddd2dc3f5a1d9110695c427db4bfafb785066cf0e4e042c1b3d664d4d75d753113c659589cd8133a5b63f7a9efda7f96cdb63ae6359bcee8ae917edebeba685e8353fe9fa7e5cce38cd73b9b43af9c74e9bd9d09903d5548e9b25b903e0793febb3c91fe4bc68aa172fa8734fc450f4f1e73cc09b532749392d510e868cd79e4d97c00dbe1bca84345d087fd1d2ed20eabf15bd2a0f57a432999b20180b14aa9779e8ad247bee007425d4a8b0cb3bcc8aa3296c87463a6a5e62173639484c162ffbe88eccc92b15df3ecb6255d8a34b7e94c1e3e191d1ac5e55396422b3836ff4630fe47bf5111465678b9a4cb59bc89493c505c41e9c913adbf3db24d9c686463a5c2e78fe41a453858f766d64bc950bd0c40f8577d444dbbf2c3550487bdfe05132154aedede29df76463d03531ed23e59a023bc45f28675ae347e1d73b67c4d7035097f9575f1e7e32442e4fad79adc8159a7e5c49192da13591892f37314e71f6e92aedfdb3f353a05723f2b942c469b3bb6148c606e2e9dc6e5a944f0f8645e69a4b59750d3817426aea4e605e668067a4921f9a48ebb964cee500e349e3c0f90b6fcfd79cc71108e37959f458aa6a1127e8bc4fb815b11e36fcdf5dced1395c85f59fb49e5607069243a90fb302a40fdd38f0aec67e906f7c8cebd4680d6a5f59a836a00e085808e2d4be01580a70ef6cb6d3a577f2ed21c79390ac04371a889d42499b1593fddf77d289c7b5b5c664e3155c4745fcf3d0feac4496109f6862115196ccec81c9d96b56ac090ed1add108137148226ff2b6c4f3995335c7ee83c3666df1f742e51e79360a004663d7af7b34bc02b7db41eb5925cde9db57da8c0a3b576d4faef2c810dd832ab082b54104382f1919f059a1edcdfa45cb7f2afe3c89e27c6bbc21637b6c028dbbeaeaf34af30747fff650052e5691d44893a66a6223efedd3155f731808dfc732e4bd91930e45236538edcb0bc4f398e00b7389f5e4506766e7be246dfb4dd34eb50ef9f8d81de9eecba7158c1f1b485d4bc2b2cdf80374e2238610404e790bbf2723288a68ffdad3a7a47920ede96999d2f31d14e7a5d4199cc696d293cf5c36a8608710e37cb3fa78ab3419bf1fa0f7b09e5431ac41712784c75525d7508f15a5614c44a322432b42ba2dfc1fda1cfe72e1914cfd2486ad89fa8c03798f62e8c98df448e103ff2bd236c04353fd914781bf0527797560553c6bb858bee163f5ac1be912820f9c490fda27185958620b02b5ca8bf22511b71055bd7123fee768b1192c3a01e80be3c69f694552a7695292ee3a8b434b67667d2994337e040a8111a840e8be6c081b744bf0fc48401016a4dba7bc800cf917b9d845eefd7e355d49bf2feb3eaa56494fc42d7f024a5d5a949ca945514d2a21050e1200db7f79afdeb26744ec934b609c8855f54132c3ef80212e98593f9ba2e4b087f279e1411303e41a05d0365de9cbbbfd92b1f19d2e7004e67db0981b09017e3d78c3cfd2a39cbf7b8d215a07f0b8f344e211abb89c7f05bbf47a43304b834a9c02ba2132266f614d4820a29b799babc2209325939a02522a37917d189329b2ad93cd1bb3460de5a31b83c1bb5d490d69659d54f2035d0e2d3aa94efb1d12e8467ec5636734b8d3bdddfd3a4881a9c719b10b7734af5735dd93a7f2df4ec9e4189f4f53edcd2941696e48460242a76982ba0067df625b9db37b402cbcb70e3c5bce7f72f093cce6e0dfeb9a25ea715bc612e9424ab58848fcb9cdba16126bb33f99819006484588e69d4d994d21720a3c6891afc80c5548158a33da6761bf0fa15ed40964a8ad11b43ddd7da5d490b0bb4ce512c24d878ddaff56389d45a7ef29f9e08440533d6afdbe9a9986e6b1170b5d930b2c1d664f8d7490963d2b76c834935c1c6ae0bfa79023f35517d8effc6a8aec24ba051a8c7535edf4bc3740317d56eff05c3cfa8a620eb34577913e5ecb6cb26d1363e462164f5cf5e93f249f3240b52c6a9765a953d05dec793dd740e56558e262d9154a20ba0284e7d17c36ca93406d5ffd3d4c7dbe96a71eb28489286c9de19a6e8c2f69e3e4a99c3fad60c2409c635d8c7d45b0358adc75cb923655b526e27ef2489671d205fd51353f2ecce911d1abfbceb582fda1d99edcb1d4f89240ebe2983680132ae9b4ffcb4b073eba6d9c30d9b59531d4f73cf5dbacb00be99ee51f098354cd3449d6955facd59eb9ca1b700b0cb77819a9ac82ec09d46e2b443edfd4efe7af4f0cc5bb8bf5c317e6dd0cbb0ad0cd947908dbf6d9b3ccbe76c51f0cea01ee40ea638ff8fc8877efe46c2e37beea3592466b4bde87f33ec42e478d1ecc41e00712a6cf4f79107cd68e3c8510af2360ef38aa63e5a133698143eb6ec9ea9d209dce148d38fd887443a0868b09d13b6393415d9dfe827d3e565db8d407624f67830f3caf3a4765311df5885028a854304aeca5a006e54c16c55f958e67bb9bab80598386fa87b4d8b41b188e1737c606746f0c4d7efbfc59dfd86045810330ac482af0812867c1ca7448e62eb80cdaa0ee5c70ecf6a735cdc13e224dfe8c7768107100b3f30418087e8b5c8f79ecef6333b8ce6ec006ba72e788fc15d0f854097046d3bfbfed9f496eefbc4a86245cd584fde85ae72e96312ca896a5191052e658c8546f3db6e8542a937f2ac7b9fbb62b1d67096388ac43c4d5f62e7bbf4bc534e87f089086771c37a4b387e05c363e9fa1ac2cb600901bd96a9a68a376ffb0d47fcfe88f5c6968fcde60564e89922d4391232b6527faf2fe2fc44190235eb09881351ad53eb3fa95464d151102ecb1763754b44079a5309ecf629bb40d0a6b7fa7e28edf2b847f577a8c0026cc64ee7cde46fdc4d2c8993e0cfd7b672d81e7c177f4f31ffa31c7ec2046c043be4fad6adfd20e34acf1e9371229809d453b4383d3050d2ba408f70e5da27fd97cd1289e9b4e757e853a6ebda56eda81c282613539b520a40034875cf959a7109faed7061120729c70c298dcafda9ee3bda470006db1e8253235d4eb9a45c67fcea583ba4f044a4ae967f43dc8799f334b0dc9eb74f3fc68105e4afc8ff0663a8876c4dedd9501f59a5ae5477ce2935ccf43e68dac6767b8abc4a802b77655737443932adc5bc6c1422828dec1fd6d415077d217a7211c28ee9fe9d66b5dfcff7b58f1f704cc13a2c87c7729dcd36ce252e3f3c41c06a32d50f57cbfda55734bd86dfaa42a0bc82f139406c343e855eac3ec02bc906b7efa4c460b39c597064ca29015281e14f2769c398825a5f44e239226d3bca78e0c5699de0edebf625129f275863029730bf278bbcd57a4eb093a74275282222148fd335dee89d633851248c8f7d04186341ba159145fbd3edaab404bf702f79348d95d3b37e0c2de93abbe5d93cc715aa8905a00f6130de74352f737b6f5ba02f74e63f2e57f9a58f28b22ae4182bae3b403228246d2f9a4c15f8f91e60ab19d54ee95e4c9d504c669b7b8a5c8e376064e964edcf150995d9065c55a9b5b7e4c997caa9753bb5eebc5263d07a2ef7fb084a5d43164bfcd99d9bb4a408cda760d5d9919e5b31cdc64b3c8189083957049bca4bd6ccfe65943f8e94a88427a73129a25997b90e4249937de7cf03094e0bcd1a6f43f453bfe06282aab5329965d39ea302a"]}, @nested={0x185, 0x19, 0x0, 0x1, [@typed={0x14, 0x32, 0x0, 0x0, @ipv6=@dev={0xfe, 0x80, '\x00', 0x31}}, @generic="9f63a330c81fe61ac6cc9cfa87519bb2932f896ec535a52e4d684534a57d8199fbeeb6d6d405c7f5cb46724909437cd8e702e167d17e854c99520e53b58dc1bf2420d5524430817d88d1af8bed74dab50e83e47a38da87b437a9de3f2ca1b4600e6698f82a243ac5b12dc078afa2aa265c29a635955f2c81cb23c88b965fdd5f0b4915eb5fc89683e39ed51c34fd1e103406f216e37c1994041e2ef3b034d361310e1e6a6f7703f8f4fe2d30ff70c0830cff1e2ffdd8016768656f865caeb66c2ddeb31fd539d4dc4dc15952e291da88554f07d7b5", @typed={0x86, 0x144, 0x0, 0x0, @binary="9c4a2d6371dbb3ada1c0aaa1df9d58340309b911b488207b78895733b4a6eecc2e022038dbe666cb7eba5531388fd5c1a21f349c461a3261d20661918e9e3d43a858a883b7ac4167d58eeb29f3a114bfceab5d65e15c61d3d92532ab5b6c6e4d6d330adadd70fd0866aab33fbfc736e777a2f8748c2eb4db775b85be7386227d0654"}, @typed={0x8, 0x83, 0x0, 0x0, @uid=0xee01}, @typed={0x8, 0xf6, 0x0, 0x0, @u32=0xaf9}]}, @nested={0x17f, 0xf6, 0x0, 0x1, [@typed={0x8c, 0xcf, 0x0, 0x0, @binary="acfa987f3b174af12798719462f31819d007c46698dcbdd331f668277829d4e395364c6e50445ab608e4ed147cc7c939326b6eb67f74a17db83ea8b8178ff73f87883aa2b8f1aa9de34972b64fe40e76c03bc00bf49861be9d0e55a8b6e8b8997a02ce59468d4b5ee29b2c9ef0770ea87632d3007fe25b63dfef68160cc6f23600f16eec0e71a60d"}, @nested={0x4, 0x7d}, @nested={0x4, 0xdd}, @typed={0x8, 0x1d, 0x0, 0x0, @pid=r3}, @generic="f56c1583006ed59fcb25550ce34edd98c4a4f0c087814db7e4f68a1ec84dd2a2c98c1044f4418917c69d3683d3a18e83a1cf0a78f462cd3a730ce54c68c14c20c5dcb499fb02f19a1d49bdb2b55db9ec1e810e2303a1cfa7d7209d4d171dd4e75e0278e5373eb9fff3c591bd0dcfd8b5b507e897520436c1acfcd2bb915198cbce2b2d7eb007af4e413cae4670c9f16c5bcec9ecfdd62e32ed8757a6ff6c5d3ae5db9aa227bd21957899e044e1438779b56214eb714054e3cfb5a9eb1b33b187cecf63d422a895de67b070e0c6e7275609b9bf44b0318c", @typed={0x8, 0x8f, 0x0, 0x0, @uid=r4}]}]}, @NL802154_ATTR_SCAN_DURATION={0x5, 0x24, 0x2}, @NL802154_ATTR_IFNAME={0x14, 0x4, 'macvtap0\x00'}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r7}]}, 0x14d0}, 0x1, 0x0, 0x0, 0x800}, 0x4000) 1.705892949s ago: executing program 3 (id=3699): openat$auto_mon_fops_binary_mon_bin(0xffffffffffffff9c, &(0x7f0000000040)='/dev/usbmon26\x00', 0x40000, 0x0) socket(0xa, 0x2, 0x73) timerfd_create$auto(0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x2, 0x0) close_range$auto(0x2, 0x8, 0x0) openat$auto_ftrace_set_event_pid_fops_trace_events(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/tracing/set_event_pid\x00', 0x24af41, 0x0) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket(0x25, 0x1, 0x3) socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) eventfd$auto(0x3) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x3, 0x73) openat$auto_snapshot_fops_user(0xffffffffffffff9c, &(0x7f0000000100), 0x7c3142, 0x0) socketpair$auto(0x1a, 0x1, 0x8000000000000000, 0x0) r1 = openat$auto_tty_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000080)='/dev/pts/ptmx\x00', 0x0, 0x0) ioctl$auto_TIOCSETD2(r1, 0x5423, 0x0) ioctl$auto(r1, 0x800455c9, r0) mmap$auto(0x0, 0x20009, 0xe3, 0x100000eb1, 0x40000000000a1, 0x8000) r2 = openat$auto_vcs_fops_vc_screen(0xffffffffffffff9c, &(0x7f0000000180)='/dev/vcsa1\x00', 0x1, 0x0) write$auto_vcs_fops_vc_screen(r2, &(0x7f00000001c0)="080a0000fe", 0x5) write$auto(0x3, 0x0, 0x100082) 1.653515902s ago: executing program 1 (id=3701): socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000002500), 0xffffffffffffffff) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_OVS_DP_CMD_NEW(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010026bd7020f8dbdf250100000008000200", @ANYRES32=0x4, @ANYBLOB="080002000000000000000000", @ANYRES32=0x9, @ANYBLOB], 0x2c}, 0x1, 0x0, 0x0, 0x8001}, 0x80) r2 = syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000080), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$auto_OVS_DP_CMD_DEL(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000200)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002abd7000fedbdf2502"], 0x38}, 0x1, 0x0, 0x0, 0x20040011}, 0x20000000) r4 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000500)={'gretap0\x00'}) mmap$auto(0x0, 0x4020009, 0xdf, 0xeb1, 0x401, 0x8000) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x1c}, 0x1, 0x0, 0x0, 0x20000010}, 0xc0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb1, 0x401, 0x300000000000) close_range$auto(0x2, 0x8, 0x0) r5 = socket(0x2, 0x80002, 0x73) r6 = socket(0xa, 0x1, 0x84) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @empty}, 0x6a) r7 = openat$auto_proc_clear_refs_operations_internal(0xffffffffffffff9c, &(0x7f0000000600)='/proc/thread-self/clear_refs\x00', 0x2, 0x0) write$auto_proc_clear_refs_operations_internal(r7, 0x0, 0xffffff4b) connect$auto(0x3, &(0x7f0000000080)=@in={0x2, 0x3, @dev={0xac, 0x14, 0x14, 0x10}}, 0x54) setsockopt$auto(r6, 0x10000000084, 0x8, 0x0, 0xd) write$auto(0x3, 0x0, 0xffb8) openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, 0x0, 0x80000, 0x0) open(0x0, 0x261c2, 0x84) mmap$auto(0x0, 0x7f, 0x1, 0xeb1, 0x401, 0x8000) socket(0x10, 0x2, 0x0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmsg$auto_IPVS_CMD_NEW_DAEMON(r5, &(0x7f0000003b40)={0x0, 0x0, &(0x7f0000003b00)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000fb", @ANYRESDEC, @ANYRES16], 0x14}, 0x1, 0x0, 0x0, 0x40080}, 0x8000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB='Z'], 0x1ac}}, 0x40000) 1.599922339s ago: executing program 3 (id=3702): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$auto_ethtool(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_ETHTOOL_MSG_CABLE_TEST_TDR_ACT(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x14, r1, 0x300, 0x70bd26, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x2000000) r2 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000980)='/sys/devices/platform/dummy_hcd.5/usb6/power/level\x00', 0x0, 0x0) openat$auto(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x81, 0x0) read$auto_kernfs_file_fops_kernfs_internal(r2, &(0x7f00000009c0)=""/231, 0xe7) 1.478377358s ago: executing program 3 (id=3704): socket(0x0, 0x3, 0x200) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) (async) mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) socket(0x10, 0x2, 0x0) sendmsg$auto_NFSD_CMD_THREADS_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB='$[\x00\x00', @ANYRES16=0x0, @ANYBLOB="20002cbd7000fbdbdf25020000000800030080004000080003"], 0x24}, 0x1, 0x0, 0x0, 0x20008010}, 0x400d0) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a0027"], 0x1ac}}, 0x40000) (async) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="72010000", @ANYBLOB="1a0027"], 0x1ac}}, 0x40000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[], 0x1ac}, 0x1, 0x0, 0x0, 0x4004810}, 0x800) sendmmsg$auto(0x3, &(0x7f0000000080)={{0x0, 0x2, &(0x7f00000002c0)={0x0, 0xc4}, 0x1, 0x0, 0x0, 0x9}, 0x7}, 0x3, 0x0) pselect6$auto(0x0, &(0x7f0000000000)={[0x8000000000000001, 0xffffffffffffffdd, 0x5, 0x70000, 0x7, 0x0, 0x0, 0x3, 0x8, 0x3, 0x4, 0x0, 0x8000000000000000, 0x1000000000000000, 0x8, 0x1ff]}, &(0x7f0000000080)={[0x0, 0x8473, 0x7, 0x2, 0x3, 0x8001, 0x68, 0x1, 0x5, 0x93e, 0xfffffffffffffffb, 0x8, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x9, 0x1000]}, &(0x7f0000000100)={[0x3, 0x1, 0x3, 0x4, 0x9, 0xd3, 0x4, 0x1, 0x642, 0x0, 0x2, 0x100000000, 0x0, 0x4, 0x80, 0x3ff]}, &(0x7f0000000180)={0x2, 0x2}, &(0x7f00000001c0)="a630075a1d477895f0de6b9512eb52e55ebae27ac6817d79f07af15f619404af52f5637a6a436157e5045b81cbc36caf8e4b880df3aabea96e806e19d4b537fc96bc415cf143abe24f5002708b12bd9403bcc5245840a9f21229ed7ad2aa52146327c5012352ddc66e487fb2b87e61588f92b7ca2c45eec546b38e9c6a29ca8f3b21b5be5890250615943565e07228cfa2553cc2e4a009ba98fbf7567b16ad4e953fc2db8851aa") 1.451052397s ago: executing program 1 (id=3705): mmap$auto(0x4, 0x400002, 0xfffffffffffffffe, 0x9b72, 0xe8, 0x8000) fcntl$getown(0xffffffffffffffff, 0x9) sendmsg$auto_TIPC_NL_BEARER_GET(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x40000000}, 0xff6d, &(0x7f0000000200)={&(0x7f0000003080)={0x14, 0x0, 0x20, 0x70bd2a, 0x25dfdbfd}, 0x14}}, 0x4004010) syz_genetlink_get_family_id$auto_thermal(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_THERMAL_GENL_CMD_THRESHOLD_GET(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000100)={0x0}, 0x1, 0x0, 0x0, 0xc000}, 0x400c000) r0 = socket(0xa, 0x3, 0x3a) ioctl$auto(r0, 0x890b, 0x1) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_IPVS_CMD_SET_SERVICE(r1, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000080)={0x20, r2, 0xbb2b6b136619818b, 0x70bd2c, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_SERVICE={0xc, 0x1, 0x0, 0x1, [@typed={0x8, 0x1, 0x0, 0x0, @pid}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x1}, 0x8000) newfstatat$auto(0xffffffffffffffff, 0x0, &(0x7f0000000300)={0x1, 0x7, 0x400, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x3c, 0x400, 0x0, 0xb15, 0x7a4b, 0x9, 0x8e, 0x4, 0x2, 0xffffffffffff17ef}, 0x8) shmctl$auto(0x3, 0xb, &(0x7f00000014c0)={{0xc, 0xee01, 0xffffffffffffffff, 0x200c3d, 0x3, 0x7fff, 0x5}, 0xfffff001, 0x6, 0x8, 0x7, @inferred, @raw=0x1000, 0x6e4c, 0x0, &(0x7f00000003c0), &(0x7f00000004c0)="bf88be7cbe291d911220f46ce88d933a946cc7c97bff2be10ade60a7cb8b339f193d1e1458c36107b1a9d21ed0b4eda0b5c372a8d7d96ba8b62dc4c093d71335a8c1148709b1aca8f1aecb5fbbd360019219feaf0d0dfefe739ad59df7387ceb3ea4ef71fdbabe35f2db8cecc5eb7344b19a18ccbf84b60ca50f31e93e299ea090a0e498df5ba24a039031337b4bab2bff2805638dedff47d843b13fd8cf2494bbfc6db679b4a0add840084e38df72d8234d11dbabe1c4432e763463f5d89263b7c56edf65e9ae13682c1083ca5b20a779f469614a631d7bb8dc917764176937bca3691e7a1afdcac2f745080c5e7789c08f8ecc1069a33ce2e24711f7648377e1b4f9217ce6fffa351276f7f888906af20f89918b2b6ff9a1f70b3642e00da5403fc2a2bf18e710774cc5d7c3ce79feffe614705b00322166f51a03027c84917a4b3250535161a212c8e724a6f78d3b1557d2a9fe67957617c026152a25e519232ca660224e6cd34f6a94aedbf3d3acd74c5cd83554aad1c8148fbea67b6e47e7a7a9cae6eec893b75683b502a1df4c66adca1ba1c680cf8180237c9a9eb7b83d9a60e57e5ac50a42a815fcec4d3cf61a6a983daa2f6601675921ff17faba13bcf0cbadaf0e2c314b0647bec3f3140631bbafabb060c422b48263452bb346f76073401393985907ba97a0d25075c629676bacebbd1f4aca3379a876e62d0bafe4e0b63ece8d14050902e03288c347375958bb8d4ba7ecb6d91b385e931a87ebbe443019d2a19d2e4462fff575b76a29e63d24635a09bf5ff39cfbc93e57987ae93e0d214e41bc007c402228ff263b9ccddd2f2fb062a94cca72932a170b454cc3d4d490d31cf8a8970b2c0ea2bd607985ebf5215f4e3077b1af12603a0f92ece9f561b59b975c5c7b9a336073931b240a595081a452977ec17b16168c15d6880e7b35d4cc4e6f717d4ce0df50fba04ad23c4a6df37c5838a417460c3468397a9b09dc95f7696559dcf345e7ea8a3e6baed4bc8b31651ad1417cf086e86293a5a716538f0652abc8b2e6b6de91d6de451f66d6cd0092df324a6cd679a2750a8125d42225a05ecd230a3cc7e15658062ffcf5bc611f92d1437b3e66d60b1a27fefdc8382177faba55e2e99e03b9b3c101e027a67a7df01c550bd5d9630cdeee26cc505b9f7e57d3815638a50727b5e1590a770b1e8bf27d9ee3c3521a8d829d1d51c7ffac16b05cde5f416a8bb2a875375c4d665fbc4215999fa3426fefb062a0b9478db439465fa7c37687d52fb40d92d2fe65bdb5ceb9c251959e35dcf72596703da9a4d305f4a947a89fbd0e1951ecdfe025333b62c48631a3610a053514c477789c6dbc604fa8a339c621ff071510c7f7e212eaa23b2e6d6cb2eb6258d22513579fa37afaf8d128c531f227c8affa537131f55587212c49d662517d498f1ce07f4c5427c59d21da5f68c2c6de6b24ecbe12cc55075f347c2c3bdfdb106cc21fc8a26b6f4cc41c4ac2fd2ac9202059b9ad73e9813c1c6fd7462fcab600aa2274213a3a12d6f7d7ecaca82ad8d2085692793c19bec82207faffaf8c353265c539c0b5d9aba0f787a1c3f6daddd4baf7760d554a53026636f9979ffda53a94337c8c663801597159fc9f98b72659da49deddabe7bef9a55244bf3fc52dc82ef7d1e01fb4fe72ce350374bd9d5b1893f2739f6d5a067c52bf1bdad2b7c8536614c1b371f84f330b5c925eb204c865ae99af6d9afcbcecd80157b59a013092f3fe0628ac7eaa46feb6c9a0cc257f7e7ddc7f64d944f51178ba4c3fdcbe08fe51be758845fe44c4f89f7829b5b34c1e9361582bed40d080fe4239206b9c2b0059072dc9530936ba603c27c213256a197c1a97dc54d4d1891d05983a49e68c5cc5c76f0c3c7a3b2c04cf558d25c0a19545c9894aee3bccf2084143c3254aa0e2542d2ab49fdc778bec2d43c2e005e43b6261baf522d56c7de373c6079901f505d2b7bfaf2ecc450d584920989b59b1673b745b2206e3291eaf7c2fd602a596157fa79a3a7d293f917afc8beac7677b0e21396eddfeaba67c11b2f8558e4a20f935e5ba724b830a635ab2008566855f3e8bc26227132e3b65cdaaffd4cda1b42b0668e13d21d4421b949c77df8bc9b53e25c6fc6be6624c6309504b67d6a91ca414ed1a2808ac49eabbbf62ecfcebd85aeb309f9abc8061084b2943da34bae860e30adaf598aaa02028a27c00426ba3401020fe10dc3eac71e8cea9d9ad767e3c3f90723680cececa5a46caca2d70af3c561839a10292015d594ea5b8dfa20a30b12549d59e16016a13e3a1ac86ec290c0741ec3c80f4e3d7bf685a7fa2bb1651fd822a5d61912130992d36c4316321155e8b643398b008617d308f4f6251595c8ab095965c19b920f59c28d801db789e6b1120d6543bf1629975fc3b76fc99e0d35afa24b6aa4b9d04b275ef306c1edbf1abf20fbd9e867199544a9f830cbff372074ec8601588acbfca49978cf3fa8f75e4468c24dfcde86ed95bb7a4b891e435f6a71c1fe4d41b980cc5090532c2b097878c87830e299ca9d69a34a3c53f3f6face410930bb46c65dd87f5defd2097fa937775f1549679227f58160173fd973f1649aa8e8685ab27b16f76ff2cf4fc19bef44c7b76e04784a785a789366e00facca17f9f4657fafcd1775b6b2bc19d920a5137156f9600ad4d030d49b2ec8213350a3f46b6af4413e72b6da40cd5926b945e7e32321b3f3532687faabebfe7ddce98a1add3dc0d31d2beb41003e79f2513fa84d1290bc26239604e23a1becccc96c6c0b2cbc6de8fdd37dc415b37fc428e501cfa23272e10caba0ff12572f192b05a21db02acdebbb9ece5f93474fb68cd2a55ab89333729efa04c3d22097a360f1fc3b5647148e5fac3221e20c7b21da4d3a5c7c661e5cd91625454252cf79551fad80b8e72844ea95c01ba0204ca02d1d4f83ece70811764b25597922826ffdcd0994934702b15995fe3e0b7b2225d3c822f0ddaea8efb731945201bd108e934e7fcf8c4609b07e693829262905a319a675d00014fa2233facac15548ca4a86c00e9e1b590bea2294e4678edf3fda21245e67ef2289812bcc1d8e423491422decbdf4d00fc758600fc96ef59fa1600176f9a33ae31365bd68b9d571a3499c46fe8999bd3941fa504e6e73b4daec50db8d347b596a38646ea5cda9858ac347e6debb1ad1b53c05c468feb73133bd07cf7e3f3d1e364290e4a094f365290feabfe64876e65aa29d451c7a127b5c1758c57e573fea7c60bbee135391eb8019b0c18c88a5012636598438192c172001da38861b87691000bd89849df0d79f676d25199340ec77b304b61fb3e4892219d0b4668f579171ddf057051039c719be7190559a213e1f5829ac07c1e77e2cc699076bc6a0b22610972a11b3748d2a1ff0615aafa68b46db47fab358aa935ec87381fe2f23e782eb23efa4050b976843213ebbdd36d039e4f4a8133c005d81f63d2172a46552e48801d0ca886cc5e59f5e3a1960fe18aa82d07d331f7c819b8c6a315a6fd0931d3416da9112f9927cfc1fa18f819fe64dbb66e715800e66dea18c9ddeb1de4c85b89f2c4c539aa33fa199f149991c7aef195fcccff19521df1b612a68335b07a280d6235a0ea43e5828e0b5217983fc58556e8f6be779555b443295d34c2ad77417430525372b8336393cdfea93cba236fbbc5c57d421481755f44fca645bd41fea41fecad3861520d58ac2a091e59eb6003d9c8926f246324b98bedaa206875c7c314fd15d044a3da61bb8b4ec7f97da6afb3cea2d53a4c9da4d0da0ee9c8d93685183200cc1dd25cec6308b92c26afa3434c9dde20076b99e26f951bcaae579299c263c653dcd7e10897ba13230bb6ca4f67b18e3be85db88a8f4afe9610302ccc6db37f474b54be6033a3ff88b39af0756bbbef8a1c8c2472d440fe760c26fded732f4a3c2430810df695bc391ee13ee28aef5ab592a549fa300fafcc40f8e44c6c8869573486b7b626fb401e084499cd11481cdb37f1ab8f46de99cc2fe24ccc4044d056cf418a32b1150fe2de01389dbbbf3ec685f404e08bb1f17a201f4c7e06ce14b495a480215da88415ab686ad3f5e68ed5ee22c799af929e07c61ff61ee50e02b12725fe31d15477fb33ccda5f069690d64345c07de91c43c458f9897e48fcaeb04f30c26ff56a0f1cb0440982e61470495f3f6f6732ccfd3343448ea8b49da17b92a353b2e7c8372eaca3da2d5a3f813e35a840717e53241e456cbf3cf182e8d70d8a5dbfa03a45674b7ee4ac78a33e297d38dbf68015953e00e24c2f70ab0ba900a0be385e91136c7aaa75476fa6f050144393542421db126766615cee32762714ec9b2d9cc61e9057e826ec1f9e7f3271ec4c5accccf94950dc8607772278b50307b3a5a73ef898310a99ba3e9845b6c4ba59540f9c32f4ab3a8a2b6281f9e8f9800da3f42442b82811b5494a05e766d2875b93c8e0de3490d375cd0896d1d2bb70b0d3ecc62addcd4c75df14a3869707db69288e0516257275400bb159084809a7d88e7c9259fde8c7b44e43c53fc232c490066c9cb0cd5eafe8296f944dd19c6c971c923beb561ea4486771470cc5deb65cdfa092e9a0a37367ef2a6f10c6e10f0afcfccc1a1d9ceb1c730b94572223aa2e2d9aaf240d418203fddf79705bfbd9243fff3a41bceda32699cd4fcc131599832dce795bc2c30c4438ab35f9cd27f54c2a0e3845e7c832b6c90d7d6d5e85cc772a779b5d2fc084b593a09ee5cb872f4d80fecc55ade34052f1c266ac9441287a87e5a6b504be2ef70ce989d469e745c750e9cbd651d5ea1c151bbd368c8d437b3db2a3f182b10c5d21d1b45d1ced893d818e08fee7792aa18716247109c466fff7b186935ac01919b623e4fa55d9920e1a3d9ee8f427ab13fbcbf0208e3c0d87643f6e0d791d3546ba1c577ad467b3e6edaef0b25b35c982de0ffd693bf4630547af3043b17615c32d7674f834ebdde72e33188d1c6c7ed36d85ba45530ba28df3183f917217256a646fba44a653e6192398a9cbd4524b04ea114fc3cf9b6b40560bfc6d85017b4cda366eca5eb6694c6bf605a807669d399e782d742e756867cb7e33578a54886fa74bf6547be9e28c1765bc02a9aea5312e37dec863036326cd95940a558f3070c29dce10ad350060d818f91230af347666b3dad9e9ad7a99ec72c5de3eb837460a4891e54a7828711804d134486bd7f87cc051e7ce083ae40a4e88524ec3ff3118a98ed97511780ba736aa1ec56459d3574e699bbe0f33e61db77092932eb2d7757cc4d81a0f4ab17c898226358bd27e91c004be4c5bc246afce8c25422eab968b74e1cf24aba537f20ed90e10fdecf4d7d1fc0bff1054057634493e0092ac8a84c78e034ffbe4300986713d7a3acb73ae2aaf7c766be3ec86c048772a833a74737e5f215f3b3287d391f7538b2949e2bd224334a8151348edfddfa54c7bcd8c640e88f3563e806464989851f37670fb7b3ba3187725170f26c789ca442bb2a210a7a73ac33c27a22507d751f7f9b6ca3d1169e12647b92e2e5274bbd63df36d219caca700dff9a5a825b7"}) io_uring_setup$auto(0x4bf15e08, &(0x7f0000000000)={0x590, 0x8, 0x10001, 0x6fb3, 0x8a, 0xfffffff7, 0xffffffffffffffff, [0x100, 0x9, 0x7c], {0x2, 0x7, 0x3034, 0xe, 0xf, 0x5, 0x5, 0xfffffff9, 0xf08a2b6}, {0x4000, 0xfc, 0x9, 0x0, 0x0, 0xb89, 0xd5, 0x837, 0x2d6}}) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/pci0000:00/0000:00:01.3/vendor\x00', 0x0, 0x0) mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd) mmap$auto(0xfffffffffffffff9, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0xfffffffffffffff9) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r3 = open(&(0x7f00000000c0)='./cgroup\x00', 0x0, 0xb5d1af1605322df2) r4 = openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/scsi/sg/version\x00', 0x8080, 0x0) lseek$auto(r4, 0x5, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) unshare$auto(0x40000080) setrlimit$auto(0x1000000007, 0x0) getrandom$auto(0x0, 0x6000000, 0x3) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) mlockall$auto(0x7) shmat$auto(0x0, &(0x7f0000000580)='(\x00', 0xfffffffe) syz_clone3(&(0x7f0000000200)={0x383281180, 0x0, 0x0, 0x0, {0x1a}, 0x0, 0x0, 0x0, 0x0, 0x0, {r3}}, 0x58) 1.428053287s ago: executing program 2 (id=3706): pwrite64$auto(0xc8, &(0x7f0000000080)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x86\xdde\x1cJ\x99\x00\x00/\x00\x00\x00\xfd\xfdX\xd3\x1d\xf8\xbebZ\xddL\x01\x00\x00\x00^\x0fo\x84\xfc\x89\v\xea\b\x00\x0e\x80\x00\x00\x00\x00\x01\x88\v\xae\xa9i8W\xe5Iq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8dg\x81K*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,,\x93\xba\x88\x93\xc6#\xe5\xaae\x9d\xb6\x1a\x7f\xc0%\xb0\rfOJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd0\xbdn\x1d\b\xeb]B\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00'/232, 0xfded, 0x3) 1.339994466s ago: executing program 2 (id=3707): mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) socketpair$auto(0x1, 0x5, 0x3, 0x0) syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000000), 0xffffffffffffffff) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.cpu/hugetlb.1GB.rsvd.limit_in_bytes\x00', 0x0, 0x0) mprotect$auto(0x1ffff000, 0x8000000000000004, 0xd) r0 = openat$auto_proc_pid_attr_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/current\x00', 0x1, 0x0) write$auto_proc_pid_attr_operations_base(r0, &(0x7f0000000000)='-', 0x1) recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) shutdown$auto(0x200000003, 0x2) mmap$auto(0x0, 0x4, 0x4000000000df, 0x40eb2, 0x402, 0x300000000000) (async) socketpair$auto(0x1, 0x5, 0x3, 0x0) (async) syz_genetlink_get_family_id$auto_macsec(&(0x7f0000000000), 0xffffffffffffffff) (async) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.cpu/hugetlb.1GB.rsvd.limit_in_bytes\x00', 0x0, 0x0) (async) mprotect$auto(0x1ffff000, 0x8000000000000004, 0xd) (async) openat$auto_proc_pid_attr_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/current\x00', 0x1, 0x0) (async) write$auto_proc_pid_attr_operations_base(r0, &(0x7f0000000000)='-', 0x1) (async) recvmmsg$auto(0x3, 0x0, 0x10000, 0x6, 0x0) (async) shutdown$auto(0x200000003, 0x2) (async) 1.270504956s ago: executing program 3 (id=3708): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) madvise$auto(0x0, 0xfffffffffffefffd, 0x17) r0 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, 0x0, 0x3, 0x0) ioctl$auto_KVM_CREATE_VM(r0, 0xae01, 0x1) madvise$auto(0x0, 0x20499d, 0x9) madvise$auto(0x0, 0xffffffffffff0001, 0x15) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) futex_waitv$auto(&(0x7f0000000000)={0x8, 0x5d94, 0x4, 0x4}, 0x77, 0x0, 0x0, 0x62bd) mprotect$auto(0x1ffff000, 0x8000000000000001, 0x4) io_uring_setup$auto(0x40005, &(0x7f0000000000)={0x6, 0x1, 0x400, 0x7, 0x1005, 0x6, 0x7, [0x4, 0x2e9, 0x8], {0x0, 0x1, 0x8, 0x7, 0x5, 0x100005, 0x1, 0xfffffffc, 0x7}, {0x4, 0xfff, 0xffff7fff, 0x2, 0x8, 0x200, 0x3, 0x0, 0x3}}) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) getcwd$auto(0x0, 0xffffffffffffffff) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) inotify_add_watch$auto(0x4, 0x0, 0xe6e) open(&(0x7f0000000000)='./file0\x00', 0x4242, 0x0) bpf$auto(0xb, 0x0, 0x3) mbind$auto(0x0, 0x2091d2, 0x4, 0x0, 0x6, 0x2) openat$auto_snd_seq_f_ops_seq_clientmgr(0xffffffffffffff9c, &(0x7f0000000000), 0xb4140, 0x0) 1.073619266s ago: executing program 2 (id=3709): mmap$auto(0x0, 0xe983, 0xdf, 0xeb1, 0x401, 0x8000) r0 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) sendmmsg$auto(r0, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) r1 = openat$auto_def_blk_fops_fs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sda\x00', 0x8041, 0x0) mmap$auto(0x100000000000000, 0x20009, 0xdf, 0xeb1, 0x401, 0x8000) ioctl$auto_SG_GET_RESERVED_SIZE(r1, 0x2272, 0x0) setsockopt$auto(0x3, 0x6, 0x1, 0x0, 0x9) write$auto(0x3, 0x0, 0xfffffdef) sendfile$auto(0x1, 0x3, 0x0, 0x7ffff000) 443.117607ms ago: executing program 0 (id=3710): r0 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/system/cpu/offline\x00', 0x800, 0x0) openat$auto_dai_list_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0) bpf$auto(0x12, &(0x7f0000000000)=@info={0x2800, 0x1ff, 0x2}, 0xcf) r1 = openat$auto_blk_mq_debugfs_fops_blk_mq_debugfs(0xffffffffffffff9c, &(0x7f0000001c80)='/sys/kernel/debug/block/nullb0/hctx0/cpu0/poll_rq_list\x00', 0x400, 0x0) openat$auto(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x7, 0x2) mmap$auto(0x8000000000000000, 0x1003, 0x0, 0x8000000000000010, 0xffffffffffffffff, 0x200) r2 = socket$nl_generic(0x10, 0x3, 0x10) fadvise64$auto(r1, 0x3ff, 0x2, 0x80000001) mremap$auto(0x3, 0x2, 0x3, 0x7fffffff, 0x7) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$auto_wireguard(&(0x7f0000000100), r2) sendmsg$auto_WG_CMD_SET_DEVICE(r3, &(0x7f00000028c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)=ANY=[@ANYBLOB="004f41fe", @ANYRES16=r4, @ANYBLOB="210026bd7000fadbdf2501000000140002007665746830"], 0x28}, 0x1, 0x0, 0x0, 0x841}, 0x80) r5 = socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x20009, 0x447d5a2a, 0x14, 0x401, 0x8001) sysfs$auto(0x2, 0x0, 0x0) io_uring_setup$auto(0x4bf15e08, &(0x7f0000000000)={0x405, 0x8, 0x10001, 0x6fb3, 0x8a, 0xfffffff7, 0xffffffffffffffff, [0x100, 0x9, 0x7f], {0x2, 0x7, 0x3034, 0xe, 0xf, 0x5, 0x5, 0xfffffff9, 0xf08a2b6}, {0x4000, 0xfc, 0x9, 0x0, 0x0, 0xb89, 0xd5, 0x837, 0x8}}) sendmsg$auto_OVS_FLOW_CMD_GET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x40010}, 0x800) mprotect$auto(0x1ffff000, 0x8000000000000004, 0xd) bpf$auto(0x12, &(0x7f0000000040)=@link_detach, 0x26) r6 = socket(0x10, 0x2, 0xc) sendmsg$auto_ETHTOOL_MSG_CHANNELS_GET(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000200)=ANY=[@ANYRES16=r6, @ANYRES32=r3, @ANYRESOCT, @ANYRESDEC=r5, @ANYRESOCT=r6, @ANYRESOCT=r5], 0x18}, 0x1, 0x0, 0x0, 0x60008004}, 0x80) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000040)='/sys/devices/virtual/net/nr6/link_mode\x00', 0x23c200, 0x0) r7 = openat$auto_tap_fops_tap(0xffffffffffffff9c, &(0x7f0000000000), 0x80000, 0x0) bind$auto(0x3, 0x0, 0x6a) ioctl$auto_TUNSETQUEUE(r7, 0x400454d9, &(0x7f0000000040)=0x64ea) setsockopt$auto(r3, 0x1ff, 0xa7ee, &(0x7f0000000180)='netdev\x00', 0x9) r8 = syz_genetlink_get_family_id$auto_netdev(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_NETDEV_CMD_QUEUE_GET(r6, &(0x7f0000000140)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000340)={&(0x7f0000000380)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="7e5d73c6fd34bf6c71ef138cd07d02ffe96b3c758e431f08cbf41a8ce13afd4d851928b58235f6aaf5b3741013e1367958911bb5b6931b97d3edc8158237b4b3a25d679c998d1f82d86ef173480bdd7a64e2b36d6a56ebd6d97a4301f073c9b70d7fd2fc84ba16c229ece640f040a7c32ea9130da2890a"], 0x24}, 0x1, 0x0, 0x0, 0x841}, 0x1) read$auto(r0, &(0x7f00000000c0)='/sys/devices/platform/vhci_hcd.7/usb23/23-0:1.0/ep_81/interval\x00', 0x3) 421.99267ms ago: executing program 1 (id=3711): openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, 0x0, 0x103742, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket(0x2, 0x3, 0x2) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'syz_tun\x00'}) mq_open$auto(0xffffffffffffffff, 0x200, 0x663c5371, 0x0) openat$auto_uhid_fops_uhid(0xffffffffffffff9c, &(0x7f0000000040), 0x276ef9e641307ebb, 0x0) r0 = openat$auto_sg_fops_sg(0xffffffffffffff9c, 0x0, 0x82802, 0x0) fcntl$auto(r0, 0x2, 0x0) setsockopt$auto(0x3, 0x0, 0xd4, 0xfffffffffffffffc, 0x3) socket$nl_generic(0x10, 0x3, 0x10) mknod$auto(0x0, 0xc9, 0xc8) socket(0x2, 0x80002, 0xf) socket(0xa, 0x5, 0x0) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) close_range$auto(0x0, 0xfffffffffffff000, 0x4000000000002) open(&(0x7f0000000000)='./file0\x00', 0x261c2, 0x84) mmap$auto(0x0, 0x7, 0xdf, 0x9b72, 0x2, 0x8000) socket(0xa, 0x2, 0x3a) socket(0xa, 0x2, 0x0) socket(0xa, 0x801, 0x106) socket$nl_generic(0x10, 0x3, 0x10) socket(0xa, 0x2, 0x88) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) pipe$auto(0x0) pipe$auto(0x0) socket(0x10, 0x2, 0xf) close_range$auto(0x2, 0x8, 0x0) fanotify_init$auto(0x5, 0x2000000000002) socket(0x2, 0x801, 0x100) 317.872634ms ago: executing program 0 (id=3712): r0 = socket(0x1d, 0x2, 0x6) r1 = socket(0x2, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'vcan0\x00', 0x0}) bind$auto(0x3, &(0x7f0000000040)=@can={0x1d, r2, 0xfd}, 0x6a) sendmsg$auto_ETHTOOL_MSG_PLCA_GET_STATUS(r0, &(0x7f0000001600)={0x0, 0x0, &(0x7f00000015c0)={&(0x7f0000001400)={0x14, 0x0, 0x8, 0x70bd27, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x40}, 0x4000) r3 = openat$auto_lru_gen_rw_fops_vmscan(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/lru_gen_full\x00', 0x202, 0x0) close_range$auto(r3, r0, 0x8000) r4 = socket$nl_generic(0x10, 0x3, 0x10) io_submit$auto(0x9, 0x8000000000000000, &(0x7f0000000040)=&(0x7f0000000000)={0x6a8d, 0xf4, 0xf, 0x7, 0x3, 0xffffffffffffffff, 0x4, 0x45fb, 0x6, 0x0, 0x800}) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$auto_thermal(&(0x7f0000000240), r6) sendmsg$auto_THERMAL_GENL_CMD_CDEV_GET(0xffffffffffffffff, 0x0, 0x0) openat$auto_hpet_fops_hpet(0xffffffffffffff9c, 0x0, 0xc2540, 0x0) sendmsg$auto_THERMAL_GENL_CMD_TZ_GET_TRIP(r5, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000005c0)={0x0}, 0x1, 0x0, 0x0, 0x80}, 0x40) openat$auto_mon_fops_text_t_mon_text(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/usb/usbmon/12t\x00', 0x11201, 0x0) openat$auto_sc_seq_fops_netdebug(0xffffffffffffff9c, &(0x7f0000000080), 0x18100, 0x0) sendmsg$auto_THERMAL_GENL_CMD_CDEV_GET(r4, &(0x7f0000001740)={0x0, 0x0, &(0x7f0000001700)={&(0x7f0000000100)={0x224, r7, 0x1, 0x70bd26, 0x25dfdbfc, {}, [@THERMAL_GENL_ATTR_TZ_TRIP_TYPE={0x8, 0x7, 0x3ff}, @THERMAL_GENL_ATTR_TZ_MODE={0x8, 0xa, 0x7}, @THERMAL_GENL_ATTR_TZ_GOV={0x1f3, 0xd, 0x0, 0x1, [@nested={0x10, 0x10b, 0x0, 0x1, [@typed={0x4, 0x13a}, @typed={0x8, 0x104, 0x0, 0x0, @u32=0x2}]}, @generic="c5f31e811123ce56477b45cc1ea1bb24980be2f9668d8e1e913c34682dc89740630c56b215fc550389bed6a037cba40ebce849b7d9a4a4144e84230c716eb2066727e8f6d53feabf57d64e53c0de73c44eb87c3ddc927f86e64eaed17ce0ba258536e873107ee07ae8f50d2091b3e86170d167ec34546b2a4dfab2d52b2a3659deea50920afd32b882725a9b7719bc42916f4de6dc26224c", @generic="81041dcd707f9a34c028b560ed201e074e310d2ac43e10dbbf94feca04867efc7da057ceb5c745d78028323992b4d38a68bae84ad6f19e5bd2ee", @typed={0x14, 0xf0, 0x0, 0x0, @ipv6=@remote}, @nested={0xb5, 0x6a, 0x0, 0x1, [@typed={0x4, 0xe2}, @nested={0x4, 0x111}, @typed={0x8, 0xee, 0x0, 0x0, @u32=0x7}, @typed={0x14, 0x78, 0x0, 0x0, @ipv6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, @typed={0x6, 0xca, 0x0, 0x0, @str='&\x00'}, @generic="51302ae38610cdeb00624c88efe38c625f0320b275a45987dc96cfae5df1479dd34af65b0c16056169fd7c0c1cfa894d0ff09524bfe9b20ef0c55b993d5b94987b1addaadb80dc25b0cfd3f8f4b334f8aef9170cfe08165760636b4ed33fe7f48b222396daf47488bb6df6b0ede697e857ebc2b96b02fe5d81fbd26755", @nested={0x4, 0x47}, @nested={0x4, 0x32}]}, @generic="90dcd5fc54e9d1c54ababd9952dedff66bff75d9138832b61809df558f20bf475961950c444b362a8595aa342f4e63661b70e07ca0ff631c5c270c0a53", @nested={0x4, 0x75}]}, @THERMAL_GENL_ATTR_TZ_TRIP_ID={0x8, 0x6, 0xffff}, @THERMAL_GENL_ATTR_CDEV={0x4}]}, 0x224}, 0x1, 0x0, 0x0, 0x40000}, 0x20004100) sendmsg$auto_THERMAL_GENL_CMD_THRESHOLD_GET(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x2c, r7, 0x8, 0x70bd2d, 0x25dfdbfd, {}, [@THERMAL_GENL_ATTR_CPU_CAPABILITY_PERFORMANCE={0x8, 0x17, 0xffffff7f}, @THERMAL_GENL_ATTR_TZ_ID={0x8, 0x2, 0xfff}, @THERMAL_GENL_ATTR_THRESHOLD_TEMP={0x8, 0x1a, 0x401}]}, 0x2c}, 0x1, 0x0, 0x0, 0x804}, 0x8000) sendmsg$auto_NCSI_CMD_SET_PACKAGE_MASK(r0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x1c, 0x0, 0x200, 0x70bd25, 0x25dfdbff, {}, [@NCSI_ATTR_PACKAGE_ID={0x8, 0x3, 0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40800}, 0x0) 258.923789ms ago: executing program 1 (id=3713): r0 = open(&(0x7f0000000800)='./file0\x00', 0xc2fc0, 0x174) (async) keyctl$auto(0x5, 0x0, 0xee00, 0x0, 0x8) execveat$auto(r0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x1004) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'team0\x00', 0x0}) bind$auto(r0, &(0x7f0000000040)=@can={0x1d, r1}, 0x6) 170.595623ms ago: executing program 1 (id=3714): close_range$auto(0x2, 0x8, 0x0) mmap$auto(0x0, 0x20009, 0x4000000000e1, 0xeb1, 0x401, 0x8000) sendmsg$auto_NETDEV_CMD_QUEUE_GET(0xffffffffffffffff, &(0x7f0000003040)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x14}, 0x1, 0x0, 0x0, 0x4048804}, 0x44810) mmap$auto(0x0, 0xffff, 0xdf, 0x9b72, 0xffffffffffffffff, 0x8000) r0 = openat$auto_configfs_file_operations_configfs_internal(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/config/target/core/alua/lu_gps/default_lu_gp/members\x00', 0x0, 0x0) r1 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video61\x00', 0x8a240, 0x0) r2 = open(&(0x7f0000000000)='./cgroup\x00', 0x0, 0x64) fchdir$auto(r2) mmap$auto(0x0, 0x8, 0xdf, 0x9b72, 0x2, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) syz_open_procfs$namespace(0x0, &(0x7f00000000c0)='ns/time\x00') socket(0x2, 0x3, 0x1) statx$auto(0xffffff9c, 0x0, 0x1000, 0x1, 0x0) ioctl$auto(0x1, 0x890b, 0x8) ioctl$auto(r1, 0x5646, r1) read$auto_v4l2_fops_v4l2_dev(r1, &(0x7f0000000080)=""/27, 0x1b) r3 = socketpair$auto(0x1, 0x1, 0x8000000000000000, 0x0) recvmmsg$auto(0x4, 0x0, 0x7, 0xe, 0x0) recvfrom$auto(0x4, 0x0, 0x101d0, 0x3ffffd, 0x0, 0x0) setsockopt$auto(0xffffffffffffffff, 0x2b, 0x37, &(0x7f0000000080)='\x15!\xa8^J/\xddCx4!\x00\xd3\x8f\x1e\x1b\xc3 \xe2\xa8\xd6\xd9\xc0\xa2\x0f\x88\xb1e\x8a\xd8?\xfe\xda\xc4\xef\xff(i\xc6@\x91[\vBj\x0eQ\xce\x16\'C\x8cYA\x92u\xd5\xb8\xbcn\xa0c\x16~\x86\"t\xde\x14\xe4\xa5\xfe\xb5\x00\x00\x00\x00\x00\x00\x00\x00', 0x110) mmap$auto(0x8, 0x20009, 0xb, 0xeb1, r3, 0x8000) r4 = openat$auto_binder_ctl_fops_binderfs(0xffffffffffffff9c, &(0x7f00000001c0), 0x200, 0x0) ioctl$auto_BINDER_CTL_ADD(r4, 0xc1086201, 0x0) r5 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000200)='/sys/devices/platform/dummy_hcd.0/usbmon/usbmon1/power/runtime_active_time\x00', 0x4c2c03, 0x0) r6 = timerfd_create$auto(0x0, 0x14) ioctl$auto_SNDRV_CTL_IOCTL_PVERSION(r6, 0x80045500, &(0x7f0000000080)=0x40) read$auto_kernfs_file_fops_kernfs_internal(r5, &(0x7f00000009c0)=""/231, 0xe7) r7 = pipe$auto(&(0x7f0000000000)=r5) epoll_ctl$auto(r0, 0x7, r3, &(0x7f0000000180)={0x4, 0x1}) read$auto(r7, &(0x7f0000000040)='\x00'/11, 0x3) 169.884613ms ago: executing program 2 (id=3715): r0 = openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/personality\x00', 0x80000, 0x0) read$auto(r0, &(0x7f0000000040)='{8\x00\x00\x00\x00\x00\x00\x00', 0x196d083b) r1 = openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/virtual/workqueue/raid5wq/nice\x00', 0x80001, 0x0) mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd) acct$auto(&(0x7f0000000000)='/sys/devices/platform/i8042/serio1/resync_time\x00') ioperm$auto(0x9, 0x3, 0x2) acct$auto(0x0) close$auto(r1) acct$auto(&(0x7f0000000080)='\x00') ioctl$auto_KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) 145.72472ms ago: executing program 0 (id=3716): mount_setattr$auto(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000100)={0x40, 0x0, 0x6, @raw=0x5}, 0xf09) close_range$auto(0x2, 0x8, 0x0) openat$auto_proc_loginuid_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/loginuid\x00', 0x109000, 0x0) r0 = openat$auto_proc_reg_file_ops_compat_inode(0xffffffffffffff9c, &(0x7f0000000040)='/proc/irq/11/smp_affinity_list\x00', 0x129542, 0x0) mprotect$auto(0x1ffff000, 0x8000000000000001, 0x4) writev$auto(0x3, &(0x7f0000000100)={0x0, 0x7111}, 0x8) r1 = openat$auto_console_fops_tty_io(0xffffffffffffff9c, &(0x7f0000000000)='/dev/console\x00', 0x4101, 0x0) ppoll$auto(&(0x7f0000000040)={r1, 0x0, 0x7}, 0x5, 0x0, 0x0, 0x8) r2 = openat$auto_state_fops_(0xffffffffffffff9c, &(0x7f0000000000), 0x121040, 0x0) read$auto_state_fops_(r2, &(0x7f0000000040)=""/142, 0x8e) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) mmap$auto(0x0, 0x400008, 0xdf, 0x9b72, 0x2, 0x8000) r3 = socket(0x2, 0x1, 0x0) bind$auto(0x3, &(0x7f0000000040)=@in={0x2, 0x3, @remote}, 0x6a) sendmmsg$auto(r3, &(0x7f0000000140)={{&(0x7f0000000040), 0x12, 0x0, 0x9, 0x0, 0x1f, 0xb}, 0x800009}, 0x5, 0x20000000) write$auto(0x3, 0x0, 0xfffffdef) fcntl$auto(r0, 0x80005, 0x0) mmap$auto(0x0, 0x400005, 0xfffffffffffffffe, 0x9b72, 0x2, 0x8000) sendmsg$auto_WG_CMD_GET_DEVICE(0xffffffffffffffff, 0x0, 0x2000c041) bind$auto(0x3, 0x0, 0x6b) connect$auto(0x3, &(0x7f00000000c0), 0x55) recvfrom$auto(0x3, 0x0, 0x100000000, 0x100, 0x0, 0xfffffffffffffffd) fcntl$auto(0xffffffffffffffff, 0x401, 0x5) sendmsg$auto_OVS_METER_CMD_SET(0xffffffffffffffff, 0x0, 0x40) write$auto(0x3, 0x0, 0xfffffdef) unshare$auto(0x40000080) rseq$auto(0xfffffffffffffffd, 0xc93, 0x3, 0x9) bpf$auto(0x0, &(0x7f0000000100)=@task_fd_query={0x7, 0x4, 0x200, 0x3, 0x8, 0xc, 0x2e, 0x0, 0x3}, 0x6f4) bpf$auto(0x4, &(0x7f00000001c0)=@bpf_attr_1={0x3, 0xca99, @value=0x5, 0xa}, 0xc) ioctl$auto_TCSBRKP(r1, 0x5425, 0x10000000000) 65.585604ms ago: executing program 2 (id=3717): pwrite64$auto(0xc8, &(0x7f0000000080)='\vX\xb5n\x91p\xe6\x1eRN8\x99\x86\xdde\x1cJ\x99\x00\x00/\x00\x00\x00\xfd\xfdX\xd3\x1d\xf8\xbebZ\xddL\x01\x00\x00\x00^\x0fo\x84\xfc\x89\v\xea\b\x00\x00\xfc\x00\x00\x00\x00\x01\x88\v\xae\xa9i8W\xe5Iq\xf0\xcdr\xfa\xa2@X\xb9_\xdd*\xd1\x14^\xbe\xa2E\xd8?\'\x8dg\x81K*&\xab\xaf\x94\x90\xd7\xa6+,\xc3\xc2g\x01JZ\xbb*\xb5\xa1;0\x81\x11\x9a?g`sFh\x00\x00,,\x93\xba\x88\x93\xc6#\xe5\xaae\x9d\xb6\x1a\x7f\xc0%\xb0\rfOJ+\x02\x9b#)\x9b\x17\x82\xd7\xee\xd1\xbf2[\xd0\xbdn\x1d\b\xeb]B\xa0\x99\xb0R\xb4J}\xa8\xa1\x84]F\xe0\x83/\xc0\xd8\x05f_\xfa\x19\a\x00\xf1\x12lwU&[\xde?\xde8\xf7\xc1\xa6\xf2\xc1\"\xact\xee\xc9\x00'/232, 0xfded, 0x3) 41.883725ms ago: executing program 1 (id=3718): mmap$auto(0x0, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0x8000) close_range$auto(0x0, 0xfffffffffffff000, 0x2) futex_waitv$auto(&(0x7f0000000000)={0xf, 0x5d94, 0x4, 0x4}, 0x77, 0x0, 0x0, 0x62bd) socket(0xa, 0x3, 0x71) socket(0x18, 0x3, 0x5) socket(0xa, 0x2, 0x88) mmap$auto(0x9, 0x400008, 0xdf, 0x9b72, 0x0, 0x100000000008001) r0 = openat$auto_proc_pagemap_operations_internal(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/pagemap\x00', 0x0, 0x0) read$auto(r0, 0x0, 0x39b8) openat$auto_proc_oom_adj_operations_base(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/oom_adj\x00', 0x48402, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) read$auto(0x3, 0x0, 0x1f40) write$auto(0x3, 0x0, 0xfdef) r1 = openat$auto_v4l2_fops_v4l2_dev(0xffffffffffffff9c, &(0x7f0000000000)='/dev/v4l-subdev5\x00', 0x80282, 0x0) ioctl$auto_v4l2_fops_v4l2_dev(r1, 0x80085617, 0x0) sysfs$auto(0x2, 0x10000000000048, 0x0) r2 = openat$auto_rtc_dev_fops_dev(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) ioctl$auto_RTC_SET_TIME(r2, 0x4024700a, &(0x7f0000000280)={0x1, 0x7, 0x0, 0x5, 0x2, 0x80, 0xce, 0x6c35, 0xe}) r3 = fsopen$auto(0x0, 0x1) close_range$auto(0x2, 0x8, 0x0) msgctl$auto(0x3, 0x0, &(0x7f00000000c0)={{0x3, 0x0, 0xffffffffffffffff, 0x10, 0x8001, 0x8, 0x40}, &(0x7f0000000040)=0x3, &(0x7f0000000080)=0x2d, 0x2, 0xe, 0xffffffffffff48c3, 0x9, 0x2, 0xa, 0x6, 0x400, @raw=0x8, @raw=0x8000}) setgid$auto(r4) r5 = openat$auto_kvm_chardev_ops_kvm_main(0xffffffffffffff9c, &(0x7f00000011c0), 0x8c00, 0x0) ioctl$auto_KVM_CREATE_VM(r5, 0xae01, 0x0) gettid() unshare$auto(0x40000080) r6 = openat$auto_adf_hb_cfg_fops_adf_heartbeat_dbgfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/kernel/debug/ieee80211/phy0/reset\x00', 0x81, 0x0) write$auto(r6, 0x0, 0x4) ioctl$auto(0x3, 0x4018aebd, r3) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000004300)='/sys/devices/virtual/block/nbd14/integrity/write_generate\x00', 0x801, 0x0) 37.445553ms ago: executing program 3 (id=3719): mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) socket$nl_generic(0x10, 0x3, 0x10) mmap$auto(0x0, 0x4020009, 0xdb, 0xeb1, 0x401, 0x8000) pipe$auto(0x0) signalfd4$auto(0xffffffff, &(0x7f0000000080)={0x8000}, 0x8, 0x0) select$auto(0x5, &(0x7f0000000000)={[0xeb, 0x8001, 0x4, 0xd1, 0xb, 0x1ff, 0x500000, 0x10000, 0x80000000, 0x4, 0x105, 0x10002, 0x0, 0x4, 0xffffffffffffffff, 0x1]}, 0x0, 0x0, 0x0) kill$auto(0x0, 0x11) mremap$auto(0x0, 0x4, 0x4, 0x7, 0x100000000) madvise$auto(0x0, 0x200007, 0x19) sendmsg$auto_NL80211_CMD_SET_WIPHY(0xffffffffffffffff, 0x0, 0x20000084) mprotect$auto(0x1ffff000, 0x8000000000000001, 0x4) socket$nl_generic(0x10, 0x3, 0x10) syslog$auto(0x3, &(0x7f0000000040)='V/\x00', 0x7ff) unshare$auto(0x40000080) mmap$auto(0x0, 0x9, 0x3ff57696, 0x9b72, 0x2, 0x8000000000008000) sendmsg$auto_NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x24000040) keyctl$auto(0x2000000000000016, 0x1000, 0xfffffffffffffffb, 0x103, 0x7ffffffd) capget$auto(&(0x7f00000000c0)={0x5}, &(0x7f0000000100)={0x0, 0xf, 0xfffffff9}) set_tid_address$auto(&(0x7f0000000140)=0x401) mmap$auto(0x0, 0x3, 0xdf, 0xeb1, 0x401, 0x8000) mkdir$auto(&(0x7f00000001c0)='}[,&*}\x00', 0xc001) unshare$auto(0x40000080) r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$auto_ovs_datapath(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_OVS_DP_CMD_NEW(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x1, 0x0, 0x0, 0x801}, 0x80) fcntl$auto(r0, 0x0, 0x9) socket$nl_generic(0x10, 0x3, 0x10) socket(0x6, 0xa, 0x2) mq_open$auto(&(0x7f0000000200)='#)-\\&[}\x00', 0xde8, 0xb, &(0x7f0000000240)={0x9, 0x4, 0x2, 0x5}) 0s ago: executing program 2 (id=3720): mmap$auto(0x4, 0x400002, 0xfffffffffffffffe, 0x9b72, 0xe8, 0x8000) fcntl$getown(0xffffffffffffffff, 0x9) sendmsg$auto_TIPC_NL_BEARER_GET(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x40000000}, 0xff6d, &(0x7f0000000200)={&(0x7f0000003080)={0x14, 0x0, 0x20, 0x70bd2a, 0x25dfdbfd}, 0x14}}, 0x4004010) syz_genetlink_get_family_id$auto_thermal(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$auto_THERMAL_GENL_CMD_THRESHOLD_GET(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000100)={0x0}, 0x1, 0x0, 0x0, 0xc000}, 0x400c000) r0 = socket(0xa, 0x3, 0x3a) ioctl$auto(r0, 0x890b, 0x1) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$auto_ipvs(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$auto_IPVS_CMD_SET_SERVICE(r1, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000080)={0x20, r2, 0xbb2b6b136619818b, 0x70bd2c, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_SERVICE={0xc, 0x1, 0x0, 0x1, [@typed={0x8, 0x1, 0x0, 0x0, @pid}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x1}, 0x8000) newfstatat$auto(0xffffffffffffffff, 0x0, &(0x7f0000000300)={0x1, 0x7, 0x400, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x3c, 0x400, 0x0, 0xb15, 0x7a4b, 0x9, 0x8e, 0x4, 0x2, 0xffffffffffff17ef}, 0x8) shmctl$auto(0x3, 0xb, &(0x7f00000014c0)={{0xc, 0xee01, 0xffffffffffffffff, 0x200c3d, 0x3, 0x7fff, 0x5}, 0xfffff001, 0x6, 0x8, 0x7, @inferred, @raw=0x1000, 0x6e4c, 0x0, &(0x7f00000003c0), &(0x7f00000004c0)="bf88be7cbe291d911220f46ce88d933a946cc7c97bff2be10ade60a7cb8b339f193d1e1458c36107b1a9d21ed0b4eda0b5c372a8d7d96ba8b62dc4c093d71335a8c1148709b1aca8f1aecb5fbbd360019219feaf0d0dfefe739ad59df7387ceb3ea4ef71fdbabe35f2db8cecc5eb7344b19a18ccbf84b60ca50f31e93e299ea090a0e498df5ba24a039031337b4bab2bff2805638dedff47d843b13fd8cf2494bbfc6db679b4a0add840084e38df72d8234d11dbabe1c4432e763463f5d89263b7c56edf65e9ae13682c1083ca5b20a779f469614a631d7bb8dc917764176937bca3691e7a1afdcac2f745080c5e7789c08f8ecc1069a33ce2e24711f7648377e1b4f9217ce6fffa351276f7f888906af20f89918b2b6ff9a1f70b3642e00da5403fc2a2bf18e710774cc5d7c3ce79feffe614705b00322166f51a03027c84917a4b3250535161a212c8e724a6f78d3b1557d2a9fe67957617c026152a25e519232ca660224e6cd34f6a94aedbf3d3acd74c5cd83554aad1c8148fbea67b6e47e7a7a9cae6eec893b75683b502a1df4c66adca1ba1c680cf8180237c9a9eb7b83d9a60e57e5ac50a42a815fcec4d3cf61a6a983daa2f6601675921ff17faba13bcf0cbadaf0e2c314b0647bec3f3140631bbafabb060c422b48263452bb346f76073401393985907ba97a0d25075c629676bacebbd1f4aca3379a876e62d0bafe4e0b63ece8d14050902e03288c347375958bb8d4ba7ecb6d91b385e931a87ebbe443019d2a19d2e4462fff575b76a29e63d24635a09bf5ff39cfbc93e57987ae93e0d214e41bc007c402228ff263b9ccddd2f2fb062a94cca72932a170b454cc3d4d490d31cf8a8970b2c0ea2bd607985ebf5215f4e3077b1af12603a0f92ece9f561b59b975c5c7b9a336073931b240a595081a452977ec17b16168c15d6880e7b35d4cc4e6f717d4ce0df50fba04ad23c4a6df37c5838a417460c3468397a9b09dc95f7696559dcf345e7ea8a3e6baed4bc8b31651ad1417cf086e86293a5a716538f0652abc8b2e6b6de91d6de451f66d6cd0092df324a6cd679a2750a8125d42225a05ecd230a3cc7e15658062ffcf5bc611f92d1437b3e66d60b1a27fefdc8382177faba55e2e99e03b9b3c101e027a67a7df01c550bd5d9630cdeee26cc505b9f7e57d3815638a50727b5e1590a770b1e8bf27d9ee3c3521a8d829d1d51c7ffac16b05cde5f416a8bb2a875375c4d665fbc4215999fa3426fefb062a0b9478db439465fa7c37687d52fb40d92d2fe65bdb5ceb9c251959e35dcf72596703da9a4d305f4a947a89fbd0e1951ecdfe025333b62c48631a3610a053514c477789c6dbc604fa8a339c621ff071510c7f7e212eaa23b2e6d6cb2eb6258d22513579fa37afaf8d128c531f227c8affa537131f55587212c49d662517d498f1ce07f4c5427c59d21da5f68c2c6de6b24ecbe12cc55075f347c2c3bdfdb106cc21fc8a26b6f4cc41c4ac2fd2ac9202059b9ad73e9813c1c6fd7462fcab600aa2274213a3a12d6f7d7ecaca82ad8d2085692793c19bec82207faffaf8c353265c539c0b5d9aba0f787a1c3f6daddd4baf7760d554a53026636f9979ffda53a94337c8c663801597159fc9f98b72659da49deddabe7bef9a55244bf3fc52dc82ef7d1e01fb4fe72ce350374bd9d5b1893f2739f6d5a067c52bf1bdad2b7c8536614c1b371f84f330b5c925eb204c865ae99af6d9afcbcecd80157b59a013092f3fe0628ac7eaa46feb6c9a0cc257f7e7ddc7f64d944f51178ba4c3fdcbe08fe51be758845fe44c4f89f7829b5b34c1e9361582bed40d080fe4239206b9c2b0059072dc9530936ba603c27c213256a197c1a97dc54d4d1891d05983a49e68c5cc5c76f0c3c7a3b2c04cf558d25c0a19545c9894aee3bccf2084143c3254aa0e2542d2ab49fdc778bec2d43c2e005e43b6261baf522d56c7de373c6079901f505d2b7bfaf2ecc450d584920989b59b1673b745b2206e3291eaf7c2fd602a596157fa79a3a7d293f917afc8beac7677b0e21396eddfeaba67c11b2f8558e4a20f935e5ba724b830a635ab2008566855f3e8bc26227132e3b65cdaaffd4cda1b42b0668e13d21d4421b949c77df8bc9b53e25c6fc6be6624c6309504b67d6a91ca414ed1a2808ac49eabbbf62ecfcebd85aeb309f9abc8061084b2943da34bae860e30adaf598aaa02028a27c00426ba3401020fe10dc3eac71e8cea9d9ad767e3c3f90723680cececa5a46caca2d70af3c561839a10292015d594ea5b8dfa20a30b12549d59e16016a13e3a1ac86ec290c0741ec3c80f4e3d7bf685a7fa2bb1651fd822a5d61912130992d36c4316321155e8b643398b008617d308f4f6251595c8ab095965c19b920f59c28d801db789e6b1120d6543bf1629975fc3b76fc99e0d35afa24b6aa4b9d04b275ef306c1edbf1abf20fbd9e867199544a9f830cbff372074ec8601588acbfca49978cf3fa8f75e4468c24dfcde86ed95bb7a4b891e435f6a71c1fe4d41b980cc5090532c2b097878c87830e299ca9d69a34a3c53f3f6face410930bb46c65dd87f5defd2097fa937775f1549679227f58160173fd973f1649aa8e8685ab27b16f76ff2cf4fc19bef44c7b76e04784a785a789366e00facca17f9f4657fafcd1775b6b2bc19d920a5137156f9600ad4d030d49b2ec8213350a3f46b6af4413e72b6da40cd5926b945e7e32321b3f3532687faabebfe7ddce98a1add3dc0d31d2beb41003e79f2513fa84d1290bc26239604e23a1becccc96c6c0b2cbc6de8fdd37dc415b37fc428e501cfa23272e10caba0ff12572f192b05a21db02acdebbb9ece5f93474fb68cd2a55ab89333729efa04c3d22097a360f1fc3b5647148e5fac3221e20c7b21da4d3a5c7c661e5cd91625454252cf79551fad80b8e72844ea95c01ba0204ca02d1d4f83ece70811764b25597922826ffdcd0994934702b15995fe3e0b7b2225d3c822f0ddaea8efb731945201bd108e934e7fcf8c4609b07e693829262905a319a675d00014fa2233facac15548ca4a86c00e9e1b590bea2294e4678edf3fda21245e67ef2289812bcc1d8e423491422decbdf4d00fc758600fc96ef59fa1600176f9a33ae31365bd68b9d571a3499c46fe8999bd3941fa504e6e73b4daec50db8d347b596a38646ea5cda9858ac347e6debb1ad1b53c05c468feb73133bd07cf7e3f3d1e364290e4a094f365290feabfe64876e65aa29d451c7a127b5c1758c57e573fea7c60bbee135391eb8019b0c18c88a5012636598438192c172001da38861b87691000bd89849df0d79f676d25199340ec77b304b61fb3e4892219d0b4668f579171ddf057051039c719be7190559a213e1f5829ac07c1e77e2cc699076bc6a0b22610972a11b3748d2a1ff0615aafa68b46db47fab358aa935ec87381fe2f23e782eb23efa4050b976843213ebbdd36d039e4f4a8133c005d81f63d2172a46552e48801d0ca886cc5e59f5e3a1960fe18aa82d07d331f7c819b8c6a315a6fd0931d3416da9112f9927cfc1fa18f819fe64dbb66e715800e66dea18c9ddeb1de4c85b89f2c4c539aa33fa199f149991c7aef195fcccff19521df1b612a68335b07a280d6235a0ea43e5828e0b5217983fc58556e8f6be779555b443295d34c2ad77417430525372b8336393cdfea93cba236fbbc5c57d421481755f44fca645bd41fea41fecad3861520d58ac2a091e59eb6003d9c8926f246324b98bedaa206875c7c314fd15d044a3da61bb8b4ec7f97da6afb3cea2d53a4c9da4d0da0ee9c8d93685183200cc1dd25cec6308b92c26afa3434c9dde20076b99e26f951bcaae579299c263c653dcd7e10897ba13230bb6ca4f67b18e3be85db88a8f4afe9610302ccc6db37f474b54be6033a3ff88b39af0756bbbef8a1c8c2472d440fe760c26fded732f4a3c2430810df695bc391ee13ee28aef5ab592a549fa300fafcc40f8e44c6c8869573486b7b626fb401e084499cd11481cdb37f1ab8f46de99cc2fe24ccc4044d056cf418a32b1150fe2de01389dbbbf3ec685f404e08bb1f17a201f4c7e06ce14b495a480215da88415ab686ad3f5e68ed5ee22c799af929e07c61ff61ee50e02b12725fe31d15477fb33ccda5f069690d64345c07de91c43c458f9897e48fcaeb04f30c26ff56a0f1cb0440982e61470495f3f6f6732ccfd3343448ea8b49da17b92a353b2e7c8372eaca3da2d5a3f813e35a840717e53241e456cbf3cf182e8d70d8a5dbfa03a45674b7ee4ac78a33e297d38dbf68015953e00e24c2f70ab0ba900a0be385e91136c7aaa75476fa6f050144393542421db126766615cee32762714ec9b2d9cc61e9057e826ec1f9e7f3271ec4c5accccf94950dc8607772278b50307b3a5a73ef898310a99ba3e9845b6c4ba59540f9c32f4ab3a8a2b6281f9e8f9800da3f42442b82811b5494a05e766d2875b93c8e0de3490d375cd0896d1d2bb70b0d3ecc62addcd4c75df14a3869707db69288e0516257275400bb159084809a7d88e7c9259fde8c7b44e43c53fc232c490066c9cb0cd5eafe8296f944dd19c6c971c923beb561ea4486771470cc5deb65cdfa092e9a0a37367ef2a6f10c6e10f0afcfccc1a1d9ceb1c730b94572223aa2e2d9aaf240d418203fddf79705bfbd9243fff3a41bceda32699cd4fcc131599832dce795bc2c30c4438ab35f9cd27f54c2a0e3845e7c832b6c90d7d6d5e85cc772a779b5d2fc084b593a09ee5cb872f4d80fecc55ade34052f1c266ac9441287a87e5a6b504be2ef70ce989d469e745c750e9cbd651d5ea1c151bbd368c8d437b3db2a3f182b10c5d21d1b45d1ced893d818e08fee7792aa18716247109c466fff7b186935ac01919b623e4fa55d9920e1a3d9ee8f427ab13fbcbf0208e3c0d87643f6e0d791d3546ba1c577ad467b3e6edaef0b25b35c982de0ffd693bf4630547af3043b17615c32d7674f834ebdde72e33188d1c6c7ed36d85ba45530ba28df3183f917217256a646fba44a653e6192398a9cbd4524b04ea114fc3cf9b6b40560bfc6d85017b4cda366eca5eb6694c6bf605a807669d399e782d742e756867cb7e33578a54886fa74bf6547be9e28c1765bc02a9aea5312e37dec863036326cd95940a558f3070c29dce10ad350060d818f91230af347666b3dad9e9ad7a99ec72c5de3eb837460a4891e54a7828711804d134486bd7f87cc051e7ce083ae40a4e88524ec3ff3118a98ed97511780ba736aa1ec56459d3574e699bbe0f33e61db77092932eb2d7757cc4d81a0f4ab17c898226358bd27e91c004be4c5bc246afce8c25422eab968b74e1cf24aba537f20ed90e10fdecf4d7d1fc0bff1054057634493e0092ac8a84c78e034ffbe4300986713d7a3acb73ae2aaf7c766be3ec86c048772a833a74737e5f215f3b3287d391f7538b2949e2bd224334a8151348edfddfa54c7bcd8c640e88f3563e806464989851f37670fb7b3ba3187725170f26c789ca442bb2a210a7a73ac33c27a22507d751f7f9b6ca3d1169e12647b92e2e5274bbd63df36d219caca700dff9a5a825b7"}) io_uring_setup$auto(0x4bf15e08, &(0x7f0000000000)={0x590, 0x8, 0x10001, 0x6fb3, 0x8a, 0xfffffff7, 0xffffffffffffffff, [0x100, 0x9, 0x7c], {0x2, 0x7, 0x3034, 0xe, 0xf, 0x5, 0x5, 0xfffffff9, 0xf08a2b6}, {0x4000, 0xfc, 0x9, 0x0, 0x0, 0xb89, 0xd5, 0x837, 0x2d6}}) openat$auto_kernfs_file_fops_kernfs_internal(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/pci0000:00/0000:00:01.3/vendor\x00', 0x0, 0x0) mprotect$auto(0x1ffff000, 0x8000000000000001, 0xd) mmap$auto(0xfffffffffffffff9, 0x20009, 0x4000000000df, 0xeb1, 0x401, 0xfffffffffffffff9) madvise$auto(0x0, 0x7fffffffffffffff, 0xa) close_range$auto(0x0, 0xfffffffffffff000, 0x2) r3 = open(&(0x7f00000000c0)='./cgroup\x00', 0x0, 0xb5d1af1605322df2) r4 = openat$auto_proc_single_file_operations_base(0xffffffffffffff9c, &(0x7f0000000040)='/proc/scsi/sg/version\x00', 0x8080, 0x0) lseek$auto(r4, 0x5, 0x0) mmap$auto(0x0, 0x2020009, 0x3, 0xeb1, 0xfffffffffffffffa, 0x8000) unshare$auto(0x40000080) setrlimit$auto(0x1000000007, 0x0) getrandom$auto(0x0, 0x6000000, 0x3) mmap$auto(0x0, 0x40009, 0xdf, 0x9b72, 0x7, 0x28000) mlockall$auto(0x7) shmat$auto(0x0, &(0x7f0000000580)='(\x00', 0xfffffffe) syz_clone3(&(0x7f0000000200)={0x383281180, 0x0, 0x0, 0x0, {0x1a}, 0x0, 0x0, 0x0, 0x0, 0x0, {r3}}, 0x58) kernel console output (not intermixed with test programs): T15613] ? __pfx___sys_sendmmsg+0x10/0x10 [ 424.991864][T15613] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 424.997878][T15613] ? fput+0x67/0x440 [ 425.001802][T15613] ? ksys_write+0x1ba/0x250 [ 425.006338][T15613] ? __pfx_ksys_write+0x10/0x10 [ 425.011222][T15613] __x64_sys_sendmmsg+0x9c/0x100 [ 425.016195][T15613] do_syscall_64+0xcd/0x250 [ 425.020730][T15613] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 425.026654][T15613] RIP: 0033:0x7f9c85785d29 [ 425.031087][T15613] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 425.050723][T15613] RSP: 002b:00007f9c86535038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 425.059165][T15613] RAX: ffffffffffffffda RBX: 00007f9c85975fa0 RCX: 00007f9c85785d29 [ 425.067163][T15613] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 425.075158][T15613] RBP: 00007f9c86535090 R08: 0000000000000000 R09: 0000000000000000 [ 425.083164][T15613] R10: 0000000007fffffe R11: 0000000000000246 R12: 0000000000000002 [ 425.091163][T15613] R13: 0000000000000000 R14: 00007f9c85975fa0 R15: 00007fff4faea168 [ 425.099166][T15613] [ 425.271554][T15630] netlink: 'syz.0.2572': attribute type 1 has an invalid length. [ 426.655427][ T5841] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 426.663244][ T5841] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 426.670871][ T5841] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 426.690037][ T5841] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 426.701834][ T5841] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 426.718748][ T5841] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 426.890943][T15711] chnl_net:caif_netlink_parms(): no params data found [ 426.972097][T15711] bridge0: port 1(bridge_slave_0) entered blocking state [ 426.979340][T15711] bridge0: port 1(bridge_slave_0) entered disabled state [ 426.988199][T15711] bridge_slave_0: entered allmulticast mode [ 427.002074][T15711] bridge_slave_0: entered promiscuous mode [ 427.023412][T15711] bridge0: port 2(bridge_slave_1) entered blocking state [ 427.037492][T15711] bridge0: port 2(bridge_slave_1) entered disabled state [ 427.045340][T15711] bridge_slave_1: entered allmulticast mode [ 427.052482][T15711] bridge_slave_1: entered promiscuous mode [ 427.115177][T15711] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 427.129727][T15711] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 427.182912][T15711] team0: Port device team_slave_0 added [ 427.198598][T15711] team0: Port device team_slave_1 added [ 427.246608][T15711] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 427.256668][T15711] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 427.283180][T15711] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 427.296352][T15711] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 427.303323][T15711] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 427.334086][T15711] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 427.391488][T15711] hsr_slave_0: entered promiscuous mode [ 427.414494][T15711] hsr_slave_1: entered promiscuous mode [ 427.431015][T15711] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 427.445698][T15711] Cannot create hsr debugfs directory [ 427.593576][T15711] bridge0: port 2(bridge_slave_1) entered blocking state [ 427.600754][T15711] bridge0: port 2(bridge_slave_1) entered forwarding state [ 427.608155][T15711] bridge0: port 1(bridge_slave_0) entered blocking state [ 427.615254][T15711] bridge0: port 1(bridge_slave_0) entered forwarding state [ 427.702595][T15711] 8021q: adding VLAN 0 to HW filter on device bond0 [ 427.706886][T15744] netlink: 'syz.0.2590': attribute type 1 has an invalid length. [ 427.720835][ T8779] bridge0: port 1(bridge_slave_0) entered disabled state [ 427.729916][ T8779] bridge0: port 2(bridge_slave_1) entered disabled state [ 427.745020][T15711] 8021q: adding VLAN 0 to HW filter on device team0 [ 427.768580][ T1109] bridge0: port 1(bridge_slave_0) entered blocking state [ 427.775714][ T1109] bridge0: port 1(bridge_slave_0) entered forwarding state [ 427.794471][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 427.801635][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 427.939877][T15711] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 428.145639][T15767] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 428.170564][T15711] veth0_vlan: entered promiscuous mode [ 428.181416][T15711] veth1_vlan: entered promiscuous mode [ 428.220221][T15711] veth0_macvtap: entered promiscuous mode [ 428.228627][T15711] veth1_macvtap: entered promiscuous mode [ 428.241486][T15711] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 428.252046][T15711] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 428.261995][T15711] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 428.272657][T15711] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 428.283872][T15711] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 428.298002][T15711] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 428.308546][T15711] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 428.318487][T15711] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 428.329008][T15711] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 428.338913][T15711] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 428.349561][T15711] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 428.360363][T15711] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 428.453838][ T1109] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 428.463698][ T1109] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 428.491875][ T7141] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 428.502389][ T7141] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 428.616060][T15774] FAULT_INJECTION: forcing a failure. [ 428.616060][T15774] name failslab, interval 1, probability 0, space 0, times 0 [ 428.630451][T15774] CPU: 0 UID: 0 PID: 15774 Comm: syz.1.2581 Not tainted 6.13.0-rc4-syzkaller-00071-gfd0584d220fe #0 [ 428.641256][T15774] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 428.651341][T15774] Call Trace: [ 428.654645][T15774] [ 428.657600][T15774] dump_stack_lvl+0x16c/0x1f0 [ 428.662316][T15774] should_fail_ex+0x497/0x5b0 [ 428.667030][T15774] ? rcu_is_watching+0x12/0xc0 [ 428.671807][T15774] should_failslab+0xc2/0x120 [ 428.671845][T15774] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 428.681871][T15774] ? do_raw_spin_lock+0x12d/0x2c0 [ 428.686903][T15774] ? dst_alloc+0x99/0x1a0 [ 428.691255][T15774] dst_alloc+0x99/0x1a0 [ 428.695421][T15774] rt_dst_alloc+0x35/0x3a0 [ 428.699835][T15774] ip_route_output_key_hash_rcu+0x8a5/0x2770 [ 428.705831][T15774] ip_route_output_key_hash+0x138/0x2e0 [ 428.711426][T15774] ? __pfx_ip_route_output_key_hash+0x10/0x10 [ 428.717524][T15774] ? rcu_is_watching+0x12/0xc0 [ 428.722332][T15774] ? __pfx_lock_release+0x10/0x10 [ 428.727384][T15774] ? trace_lock_acquire+0x14e/0x1f0 [ 428.732621][T15774] ? udp_sendmsg+0x1d9a/0x29b0 [ 428.737429][T15774] ip_route_output_flow+0x27/0x150 [ 428.742577][T15774] udp_sendmsg+0x1b92/0x29b0 [ 428.747203][T15774] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 428.752782][T15774] ? __pfx_udp_sendmsg+0x10/0x10 [ 428.757750][T15774] ? do_raw_spin_unlock+0x172/0x230 [ 428.762976][T15774] ? rcu_is_watching+0x12/0xc0 [ 428.767769][T15774] ? __pfx_lock_release+0x10/0x10 [ 428.772814][T15774] ? __pfx___might_resched+0x10/0x10 [ 428.778124][T15774] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 428.784048][T15774] ? aa_sk_perm+0x2f5/0xb20 [ 428.788592][T15774] ? __pfx_udp_sendmsg+0x10/0x10 [ 428.793574][T15774] inet_sendmsg+0x105/0x140 [ 428.798092][T15774] ____sys_sendmsg+0x907/0xb40 [ 428.802940][T15774] ? copy_msghdr_from_user+0x10b/0x160 [ 428.808400][T15774] ? __pfx_____sys_sendmsg+0x10/0x10 [ 428.813682][T15774] ? kfree+0x274/0x4b0 [ 428.817746][T15774] ? __pfx__kstrtoull+0x10/0x10 [ 428.822585][T15774] ? lock_release+0x4e2/0x6f0 [ 428.827260][T15774] ___sys_sendmsg+0x135/0x1e0 [ 428.831937][T15774] ? __pfx____sys_sendmsg+0x10/0x10 [ 428.836889][ T5831] Bluetooth: hci1: command tx timeout [ 428.837124][T15774] ? __pfx_kstrtouint+0x10/0x10 [ 428.847395][T15774] ? rcu_is_watching+0x12/0xc0 [ 428.852187][T15774] ? __pfx___might_resched+0x10/0x10 [ 428.857490][T15774] ? __might_fault+0xe3/0x190 [ 428.862170][T15774] __sys_sendmmsg+0x201/0x420 [ 428.866855][T15774] ? __pfx___sys_sendmmsg+0x10/0x10 [ 428.872055][T15774] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 428.878121][T15774] ? fput+0x67/0x440 [ 428.882016][T15774] ? ksys_write+0x1ba/0x250 [ 428.886522][T15774] ? __pfx_ksys_write+0x10/0x10 [ 428.891387][T15774] __x64_sys_sendmmsg+0x9c/0x100 [ 428.896337][T15774] do_syscall_64+0xcd/0x250 [ 428.900848][T15774] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 428.906743][T15774] RIP: 0033:0x7f0212785d29 [ 428.911157][T15774] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 428.930765][T15774] RSP: 002b:00007f02135f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 428.939176][T15774] RAX: ffffffffffffffda RBX: 00007f0212975fa0 RCX: 00007f0212785d29 [ 428.947144][T15774] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 428.955119][T15774] RBP: 00007f02135f6090 R08: 0000000000000000 R09: 0000000000000000 [ 428.963097][T15774] R10: 0000000007fffffe R11: 0000000000000246 R12: 0000000000000002 [ 428.971083][T15774] R13: 0000000000000000 R14: 00007f0212975fa0 R15: 00007ffc5b117078 [ 428.979069][T15774] [ 429.339381][T15791] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 429.999867][T15802] nbd: must specify a size in bytes for the device [ 430.044770][T15806] netlink: 'syz.3.2605': attribute type 1 has an invalid length. [ 430.522046][T15817] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 430.886212][ T5831] Bluetooth: hci1: command tx timeout [ 431.169272][T15864] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 431.218299][T15866] netlink: 'syz.3.2623': attribute type 11 has an invalid length. [ 431.456067][T15879] FAULT_INJECTION: forcing a failure. [ 431.456067][T15879] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 431.493509][T15879] CPU: 0 UID: 0 PID: 15879 Comm: syz.1.2626 Not tainted 6.13.0-rc4-syzkaller-00071-gfd0584d220fe #0 [ 431.504329][T15879] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 431.514408][T15879] Call Trace: [ 431.517702][T15879] [ 431.520646][T15879] dump_stack_lvl+0x16c/0x1f0 [ 431.525353][T15879] should_fail_ex+0x497/0x5b0 [ 431.530060][T15879] _copy_from_user+0x2e/0xd0 [ 431.534684][T15879] copy_msghdr_from_user+0x99/0x160 [ 431.539906][T15879] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 431.545723][T15879] ? kfree+0x274/0x4b0 [ 431.549793][T15879] ? __pfx__kstrtoull+0x10/0x10 [ 431.555075][T15879] ? lock_release+0x4e2/0x6f0 [ 431.559753][T15879] ___sys_sendmsg+0xff/0x1e0 [ 431.564347][T15879] ? __pfx____sys_sendmsg+0x10/0x10 [ 431.569554][T15879] ? __pfx_kstrtouint+0x10/0x10 [ 431.574406][T15879] ? rcu_is_watching+0x12/0xc0 [ 431.579207][T15879] ? __pfx___might_resched+0x10/0x10 [ 431.584492][T15879] ? __might_fault+0xe3/0x190 [ 431.589195][T15879] __sys_sendmmsg+0x201/0x420 [ 431.593880][T15879] ? __pfx___sys_sendmmsg+0x10/0x10 [ 431.599084][T15879] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 431.605070][T15879] ? fput+0x67/0x440 [ 431.608967][T15879] ? ksys_write+0x1ba/0x250 [ 431.613478][T15879] ? __pfx_ksys_write+0x10/0x10 [ 431.618328][T15879] __x64_sys_sendmmsg+0x9c/0x100 [ 431.623274][T15879] do_syscall_64+0xcd/0x250 [ 431.627783][T15879] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 431.633687][T15879] RIP: 0033:0x7f0212785d29 [ 431.638102][T15879] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 431.657711][T15879] RSP: 002b:00007f02135f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 431.666126][T15879] RAX: ffffffffffffffda RBX: 00007f0212975fa0 RCX: 00007f0212785d29 [ 431.674268][T15879] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 431.682234][T15879] RBP: 00007f02135f6090 R08: 0000000000000000 R09: 0000000000000000 [ 431.690201][T15879] R10: 0000000007fffffe R11: 0000000000000246 R12: 0000000000000002 [ 431.698173][T15879] R13: 0000000000000000 R14: 00007f0212975fa0 R15: 00007ffc5b117078 [ 431.706152][T15879] [ 432.171195][T15892] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 432.577652][T15917] delete_channel: no stack [ 432.966248][ T5831] Bluetooth: hci1: command tx timeout [ 433.271419][T15928] ubi13: attaching mtd0 [ 433.278543][T15928] ubi13 error: ubi_attach_mtd_dev: bad VID header (13) or data offsets (77) [ 433.313605][T15932] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 433.737764][T15918] delete_channel: no stack [ 434.452159][T15963] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 434.640922][T15965] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 435.046237][ T5831] Bluetooth: hci1: command tx timeout [ 435.582607][T15989] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2660'. [ 435.737279][T15998] delete_channel: no stack [ 435.893298][T16003] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 436.034595][T16008] netlink: 'syz.1.2667': attribute type 1 has an invalid length. [ 436.077166][T16010] netlink: 'syz.2.2666': attribute type 1 has an invalid length. [ 437.691003][T16053] FAULT_INJECTION: forcing a failure. [ 437.691003][T16053] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 437.751951][T16053] CPU: 1 UID: 0 PID: 16053 Comm: syz.2.2677 Not tainted 6.13.0-rc4-syzkaller-00071-gfd0584d220fe #0 [ 437.762775][T16053] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 437.772851][T16053] Call Trace: [ 437.776138][T16053] [ 437.779080][T16053] dump_stack_lvl+0x16c/0x1f0 [ 437.783789][T16053] should_fail_ex+0x497/0x5b0 [ 437.788497][T16053] _copy_from_user+0x2e/0xd0 [ 437.793134][T16053] copy_msghdr_from_user+0x99/0x160 [ 437.798372][T16053] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 437.804230][T16053] ? kfree+0x274/0x4b0 [ 437.808326][T16053] ? __pfx__kstrtoull+0x10/0x10 [ 437.813222][T16053] ? lock_release+0x4e2/0x6f0 [ 437.817929][T16053] ___sys_sendmsg+0xff/0x1e0 [ 437.822558][T16053] ? __pfx____sys_sendmsg+0x10/0x10 [ 437.827789][T16053] ? __pfx_kstrtouint+0x10/0x10 [ 437.832674][T16053] ? rcu_is_watching+0x12/0xc0 [ 437.837470][T16053] ? __pfx___might_resched+0x10/0x10 [ 437.842794][T16053] ? __might_fault+0xe3/0x190 [ 437.847504][T16053] __sys_sendmmsg+0x201/0x420 [ 437.852217][T16053] ? __pfx___sys_sendmmsg+0x10/0x10 [ 437.857501][T16053] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 437.863518][T16053] ? fput+0x67/0x440 [ 437.867438][T16053] ? ksys_write+0x1ba/0x250 [ 437.871944][T16053] ? __pfx_ksys_write+0x10/0x10 [ 437.876826][T16053] __x64_sys_sendmmsg+0x9c/0x100 [ 437.881778][T16053] do_syscall_64+0xcd/0x250 [ 437.886289][T16053] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 437.892189][T16053] RIP: 0033:0x7f9c85785d29 [ 437.896605][T16053] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 437.916228][T16053] RSP: 002b:00007f9c86535038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 437.924643][T16053] RAX: ffffffffffffffda RBX: 00007f9c85975fa0 RCX: 00007f9c85785d29 [ 437.932613][T16053] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 437.940581][T16053] RBP: 00007f9c86535090 R08: 0000000000000000 R09: 0000000000000000 [ 437.948556][T16053] R10: 0000000007fffffe R11: 0000000000000246 R12: 0000000000000002 [ 437.956524][T16053] R13: 0000000000000000 R14: 00007f9c85975fa0 R15: 00007fff4faea168 [ 437.964502][T16053] [ 438.092265][T16059] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2679'. [ 439.498563][T16084] FAULT_INJECTION: forcing a failure. [ 439.498563][T16084] name failslab, interval 1, probability 0, space 0, times 0 [ 439.518837][T16084] CPU: 0 UID: 0 PID: 16084 Comm: syz.3.2688 Not tainted 6.13.0-rc4-syzkaller-00071-gfd0584d220fe #0 [ 439.529741][T16084] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 439.539817][T16084] Call Trace: [ 439.543105][T16084] [ 439.546047][T16084] dump_stack_lvl+0x16c/0x1f0 [ 439.550751][T16084] should_fail_ex+0x497/0x5b0 [ 439.555456][T16084] ? rcu_is_watching+0x12/0xc0 [ 439.560247][T16084] should_failslab+0xc2/0x120 [ 439.564960][T16084] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 439.570359][T16084] ? do_raw_spin_lock+0x12d/0x2c0 [ 439.575408][T16084] ? dst_alloc+0x99/0x1a0 [ 439.579766][T16084] dst_alloc+0x99/0x1a0 [ 439.583946][T16084] rt_dst_alloc+0x35/0x3a0 [ 439.588400][T16084] ip_route_output_key_hash_rcu+0x8a5/0x2770 [ 439.594412][T16084] ip_route_output_key_hash+0x138/0x2e0 [ 439.599983][T16084] ? __pfx_ip_route_output_key_hash+0x10/0x10 [ 439.606079][T16084] ? rcu_is_watching+0x12/0xc0 [ 439.610868][T16084] ? __pfx_lock_release+0x10/0x10 [ 439.615906][T16084] ? trace_lock_acquire+0x14e/0x1f0 [ 439.621132][T16084] ? udp_sendmsg+0x1d9a/0x29b0 [ 439.625926][T16084] ip_route_output_flow+0x27/0x150 [ 439.631063][T16084] udp_sendmsg+0x1b92/0x29b0 [ 439.635679][T16084] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 439.641253][T16084] ? __pfx_udp_sendmsg+0x10/0x10 [ 439.642387][T16071] futex_wake_op: syz.1.2682 tries to shift op by -1; fix this program [ 439.646201][T16084] ? do_raw_spin_unlock+0x172/0x230 [ 439.646233][T16084] ? rcu_is_watching+0x12/0xc0 [ 439.646260][T16084] ? __pfx_lock_release+0x10/0x10 [ 439.669395][T16084] ? __pfx___might_resched+0x10/0x10 [ 439.674700][T16084] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 439.680615][T16084] ? aa_sk_perm+0x2f5/0xb20 [ 439.685157][T16084] ? __pfx_udp_sendmsg+0x10/0x10 [ 439.690126][T16084] inet_sendmsg+0x105/0x140 [ 439.694655][T16084] ____sys_sendmsg+0x907/0xb40 [ 439.699443][T16084] ? copy_msghdr_from_user+0x10b/0x160 [ 439.704930][T16084] ? __pfx_____sys_sendmsg+0x10/0x10 [ 439.710239][T16084] ? kfree+0x274/0x4b0 [ 439.714336][T16084] ? __pfx__kstrtoull+0x10/0x10 [ 439.719207][T16084] ? lock_release+0x4e2/0x6f0 [ 439.723904][T16084] ___sys_sendmsg+0x135/0x1e0 [ 439.728609][T16084] ? __pfx____sys_sendmsg+0x10/0x10 [ 439.733832][T16084] ? __pfx_kstrtouint+0x10/0x10 [ 439.738710][T16084] ? rcu_is_watching+0x12/0xc0 [ 439.743505][T16084] ? __pfx___might_resched+0x10/0x10 [ 439.748809][T16084] ? __might_fault+0xe3/0x190 [ 439.753513][T16084] __sys_sendmmsg+0x201/0x420 [ 439.758221][T16084] ? __pfx___sys_sendmmsg+0x10/0x10 [ 439.763456][T16084] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 439.769468][T16084] ? fput+0x67/0x440 [ 439.773392][T16084] ? ksys_write+0x1ba/0x250 [ 439.777917][T16084] ? __pfx_ksys_write+0x10/0x10 [ 439.782799][T16084] __x64_sys_sendmmsg+0x9c/0x100 [ 439.787773][T16084] do_syscall_64+0xcd/0x250 [ 439.792311][T16084] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 439.798232][T16084] RIP: 0033:0x7f04e3985d29 [ 439.802668][T16084] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 439.822312][T16084] RSP: 002b:00007f04e475b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 439.830754][T16084] RAX: ffffffffffffffda RBX: 00007f04e3b75fa0 RCX: 00007f04e3985d29 [ 439.838751][T16084] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 439.846747][T16084] RBP: 00007f04e475b090 R08: 0000000000000000 R09: 0000000000000000 [ 439.854741][T16084] R10: 0000000007fffffe R11: 0000000000000246 R12: 0000000000000002 [ 439.862735][T16084] R13: 0000000000000000 R14: 00007f04e3b75fa0 R15: 00007ffdadfd19e8 [ 439.870736][T16084] [ 440.729677][ T1293] ieee802154 phy0 wpan0: encryption failed: -22 [ 440.736166][ T1293] ieee802154 phy1 wpan1: encryption failed: -22 [ 441.815326][T16173] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2699'. [ 442.561295][T16196] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2707'. [ 442.574724][T16196] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2707'. [ 443.058477][T16216] netlink: 'syz.1.2713': attribute type 1 has an invalid length. [ 443.850776][T16226] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 444.067089][T16238] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2720'. [ 444.130781][T16238] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2720'. [ 444.463232][T16268] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2725'. [ 444.664014][T16277] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 444.974055][T16283] FAULT_INJECTION: forcing a failure. [ 444.974055][T16283] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 445.046300][T16283] CPU: 0 UID: 0 PID: 16283 Comm: syz.3.2727 Not tainted 6.13.0-rc4-syzkaller-00071-gfd0584d220fe #0 [ 445.057136][T16283] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 445.067189][T16283] Call Trace: [ 445.070462][T16283] [ 445.073388][T16283] dump_stack_lvl+0x16c/0x1f0 [ 445.078076][T16283] should_fail_ex+0x497/0x5b0 [ 445.082755][T16283] _copy_to_user+0x32/0xd0 [ 445.087178][T16283] simple_read_from_buffer+0xd0/0x160 [ 445.092557][T16283] proc_fail_nth_read+0x198/0x270 [ 445.097599][T16283] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 445.103150][T16283] ? bpf_lsm_file_permission+0x9/0x10 [ 445.108542][T16283] ? security_file_permission+0x71/0x210 [ 445.114177][T16283] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 445.119728][T16283] vfs_read+0x1df/0xbe0 [ 445.123891][T16283] ? __fget_files+0x1fc/0x3a0 [ 445.128571][T16283] ? __pfx___mutex_lock+0x10/0x10 [ 445.133597][T16283] ? __pfx_vfs_read+0x10/0x10 [ 445.138280][T16283] ? __fget_files+0x206/0x3a0 [ 445.142961][T16283] ksys_read+0x12b/0x250 [ 445.147200][T16283] ? __pfx_ksys_read+0x10/0x10 [ 445.151962][T16283] ? rcu_is_watching+0x12/0xc0 [ 445.156733][T16283] ? rcu_is_watching+0x12/0xc0 [ 445.161504][T16283] do_syscall_64+0xcd/0x250 [ 445.166037][T16283] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 445.171947][T16283] RIP: 0033:0x7f04e398473c [ 445.176358][T16283] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 445.195970][T16283] RSP: 002b:00007f04e475b030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 445.204382][T16283] RAX: ffffffffffffffda RBX: 00007f04e3b75fa0 RCX: 00007f04e398473c [ 445.212352][T16283] RDX: 000000000000000f RSI: 00007f04e475b0a0 RDI: 0000000000000004 [ 445.220321][T16283] RBP: 00007f04e475b090 R08: 0000000000000000 R09: 0000000000008000 [ 445.228288][T16283] R10: 0000000000009b72 R11: 0000000000000246 R12: 0000000000000001 [ 445.236257][T16283] R13: 0000000000000000 R14: 00007f04e3b75fa0 R15: 00007ffdadfd19e8 [ 445.244241][T16283] [ 445.269287][T16299] FAULT_INJECTION: forcing a failure. [ 445.269287][T16299] name failslab, interval 1, probability 0, space 0, times 0 [ 445.293269][T16302] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2731'. [ 445.303463][T16299] CPU: 1 UID: 0 PID: 16299 Comm: syz.1.2730 Not tainted 6.13.0-rc4-syzkaller-00071-gfd0584d220fe #0 [ 445.314258][T16299] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 445.324354][T16299] Call Trace: [ 445.327646][T16299] [ 445.330613][T16299] dump_stack_lvl+0x16c/0x1f0 [ 445.335316][T16299] should_fail_ex+0x497/0x5b0 [ 445.340016][T16299] ? rcu_is_watching+0x12/0xc0 [ 445.344888][T16299] should_failslab+0xc2/0x120 [ 445.349608][T16299] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 445.355011][T16299] ? do_raw_spin_lock+0x12d/0x2c0 [ 445.360067][T16299] ? dst_alloc+0x99/0x1a0 [ 445.364423][T16299] dst_alloc+0x99/0x1a0 [ 445.368612][T16299] rt_dst_alloc+0x35/0x3a0 [ 445.373064][T16299] ip_route_output_key_hash_rcu+0x8a5/0x2770 [ 445.379075][T16299] ip_route_output_key_hash+0x138/0x2e0 [ 445.384644][T16299] ? __pfx_ip_route_output_key_hash+0x10/0x10 [ 445.390734][T16299] ? rcu_is_watching+0x12/0xc0 [ 445.395531][T16299] ? __pfx_lock_release+0x10/0x10 [ 445.400573][T16299] ? trace_lock_acquire+0x14e/0x1f0 [ 445.405808][T16299] ? udp_sendmsg+0x1d9a/0x29b0 [ 445.410620][T16299] ip_route_output_flow+0x27/0x150 [ 445.415761][T16299] udp_sendmsg+0x1b92/0x29b0 [ 445.420389][T16299] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 445.425968][T16299] ? __pfx_udp_sendmsg+0x10/0x10 [ 445.430932][T16299] ? do_raw_spin_unlock+0x172/0x230 [ 445.436154][T16299] ? rcu_is_watching+0x12/0xc0 [ 445.440945][T16299] ? __pfx_lock_release+0x10/0x10 [ 445.445997][T16299] ? __pfx___might_resched+0x10/0x10 [ 445.451303][T16299] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 445.457223][T16299] ? aa_sk_perm+0x2f5/0xb20 [ 445.461764][T16299] ? __pfx_udp_sendmsg+0x10/0x10 [ 445.466736][T16299] inet_sendmsg+0x105/0x140 [ 445.471262][T16299] ____sys_sendmsg+0x907/0xb40 [ 445.476049][T16299] ? copy_msghdr_from_user+0x10b/0x160 [ 445.481535][T16299] ? __pfx_____sys_sendmsg+0x10/0x10 [ 445.486841][T16299] ? kfree+0x274/0x4b0 [ 445.490938][T16299] ? __pfx__kstrtoull+0x10/0x10 [ 445.495842][T16299] ? lock_release+0x4e2/0x6f0 [ 445.500540][T16299] ___sys_sendmsg+0x135/0x1e0 [ 445.505252][T16299] ? __pfx____sys_sendmsg+0x10/0x10 [ 445.510476][T16299] ? __pfx_kstrtouint+0x10/0x10 [ 445.515352][T16299] ? rcu_is_watching+0x12/0xc0 [ 445.520147][T16299] ? __pfx___might_resched+0x10/0x10 [ 445.525451][T16299] ? __might_fault+0xe3/0x190 [ 445.530162][T16299] __sys_sendmmsg+0x201/0x420 [ 445.534873][T16299] ? __pfx___sys_sendmmsg+0x10/0x10 [ 445.540104][T16299] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 445.546125][T16299] ? fput+0x67/0x440 [ 445.550053][T16299] ? ksys_write+0x1ba/0x250 [ 445.554583][T16299] ? __pfx_ksys_write+0x10/0x10 [ 445.559459][T16299] __x64_sys_sendmmsg+0x9c/0x100 [ 445.564433][T16299] do_syscall_64+0xcd/0x250 [ 445.568966][T16299] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 445.574888][T16299] RIP: 0033:0x7f0212785d29 [ 445.579316][T16299] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 445.598947][T16299] RSP: 002b:00007f02135f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 445.607390][T16299] RAX: ffffffffffffffda RBX: 00007f0212975fa0 RCX: 00007f0212785d29 [ 445.615418][T16299] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 445.623411][T16299] RBP: 00007f02135f6090 R08: 0000000000000000 R09: 0000000000000000 [ 445.631401][T16299] R10: 0000000007fffffe R11: 0000000000000246 R12: 0000000000000002 [ 445.639393][T16299] R13: 0000000000000000 R14: 00007f0212975fa0 R15: 00007ffc5b117078 [ 445.647394][T16299] [ 445.656494][T16308] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 445.682095][T16302] bond0: (slave bond_slave_0): Releasing backup interface [ 445.751488][T16310] tipc: Started in network mode [ 445.756670][T16310] tipc: Node identity ee00, cluster identity 4711 [ 445.763198][T16310] tipc: Node number set to 60928 [ 445.939816][T16327] misc userio: The device must be registered before sending interrupts [ 447.524264][T16379] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2752'. [ 447.553906][T16379] nbd: must specify a size in bytes for the device [ 447.826472][T16388] netlink: 'syz.1.2754': attribute type 1 has an invalid length. [ 449.089289][T16416] FAULT_INJECTION: forcing a failure. [ 449.089289][T16416] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 449.126686][T16416] CPU: 1 UID: 0 PID: 16416 Comm: syz.3.2762 Not tainted 6.13.0-rc4-syzkaller-00071-gfd0584d220fe #0 [ 449.137516][T16416] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 449.147597][T16416] Call Trace: [ 449.150895][T16416] [ 449.153840][T16416] dump_stack_lvl+0x16c/0x1f0 [ 449.158550][T16416] should_fail_ex+0x497/0x5b0 [ 449.163260][T16416] ? fs_reclaim_acquire+0xae/0x150 [ 449.168395][T16416] should_fail_alloc_page+0xe7/0x130 [ 449.173724][T16416] prepare_alloc_pages.constprop.0+0x16f/0x560 [ 449.179905][T16416] __alloc_pages_noprof+0x190/0x25b0 [ 449.185220][T16416] ? rcu_is_watching+0x12/0xc0 [ 449.190013][T16416] ? lock_release+0x4e2/0x6f0 [ 449.194717][T16416] ? rcu_is_watching+0x12/0xc0 [ 449.199514][T16416] ? page_ext_put+0x3e/0xd0 [ 449.204043][T16416] ? __pfx_lock_release+0x10/0x10 [ 449.209093][T16416] ? do_user_addr_fault+0x7a3/0x13f0 [ 449.214397][T16416] ? exc_page_fault+0x5c/0xc0 [ 449.219092][T16416] ? page_ext_get+0x34/0x310 [ 449.223693][T16416] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 449.229420][T16416] ? lock_release+0x4e2/0x6f0 [ 449.234092][T16416] ? rcu_is_watching+0x12/0xc0 [ 449.238855][T16416] ? page_ext_put+0x3e/0xd0 [ 449.243362][T16416] ? __pfx_lock_release+0x10/0x10 [ 449.248385][T16416] ? rcu_is_watching+0x12/0xc0 [ 449.253150][T16416] ? lock_release+0x4e2/0x6f0 [ 449.257823][T16416] ? is_bpf_text_address+0x8a/0x1a0 [ 449.263028][T16416] ? __pfx_lock_release+0x10/0x10 [ 449.268051][T16416] ? trace_lock_acquire+0x14e/0x1f0 [ 449.273254][T16416] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 449.279148][T16416] ? policy_nodemask+0xea/0x4e0 [ 449.284004][T16416] alloc_pages_mpol_noprof+0x2c9/0x610 [ 449.289473][T16416] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 449.295461][T16416] ? __kernel_text_address+0xd/0x40 [ 449.300657][T16416] ? unwind_get_return_address+0x59/0xa0 [ 449.306297][T16416] ? rcu_is_watching+0x12/0xc0 [ 449.311068][T16416] folio_alloc_mpol_noprof+0x36/0xd0 [ 449.316359][T16416] shmem_alloc_folio+0x135/0x160 [ 449.321322][T16416] shmem_alloc_and_add_folio+0x48b/0xc00 [ 449.326956][T16416] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 449.332850][T16416] ? __pfx_shmem_alloc_and_add_folio+0x10/0x10 [ 449.339004][T16416] ? shmem_huge_global_enabled+0x176/0x250 [ 449.344819][T16416] ? shmem_allowable_huge_orders+0xcd/0x3e0 [ 449.350714][T16416] shmem_get_folio_gfp+0x689/0x1530 [ 449.355916][T16416] ? __pfx_shmem_get_folio_gfp+0x10/0x10 [ 449.361547][T16416] ? filemap_map_pages+0xf92/0x16b0 [ 449.366753][T16416] shmem_fault+0x200/0xae0 [ 449.371170][T16416] ? __pfx_shmem_fault+0x10/0x10 [ 449.376110][T16416] ? rcu_is_watching+0x12/0xc0 [ 449.380886][T16416] ? lock_release+0x4e2/0x6f0 [ 449.385555][T16416] ? __pfx_filemap_map_pages+0x10/0x10 [ 449.391015][T16416] ? do_pte_missing+0xdd7/0x3e00 [ 449.395954][T16416] ? __pfx_lock_release+0x10/0x10 [ 449.400976][T16416] __do_fault+0x10a/0x490 [ 449.405304][T16416] do_pte_missing+0xebd/0x3e00 [ 449.410072][T16416] __handle_mm_fault+0x103c/0x2a40 [ 449.415189][T16416] ? __pfx___handle_mm_fault+0x10/0x10 [ 449.420654][T16416] ? find_vma+0xc0/0x140 [ 449.424900][T16416] ? __pfx_find_vma+0x10/0x10 [ 449.429574][T16416] handle_mm_fault+0x3fa/0xaa0 [ 449.434347][T16416] do_user_addr_fault+0x7a3/0x13f0 [ 449.439459][T16416] exc_page_fault+0x5c/0xc0 [ 449.443964][T16416] asm_exc_page_fault+0x26/0x30 [ 449.448816][T16416] RIP: 0010:rep_movs_alternative+0x13/0x70 [ 449.454631][T16416] Code: cc cc cc 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 83 f9 40 73 40 83 f9 08 73 21 85 c9 74 0f <8a> 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 0f [ 449.474244][T16416] RSP: 0018:ffffc900044ff9e0 EFLAGS: 00050202 [ 449.480317][T16416] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000000000007 [ 449.488284][T16416] RDX: fffff5200089ff4c RSI: 0000000000000000 RDI: ffffc900044ffa58 [ 449.496252][T16416] RBP: 0000000000000007 R08: 0000000000000001 R09: fffff5200089ff4b [ 449.504216][T16416] R10: ffffc900044ffa5e R11: 0000000000000000 R12: 0000000000000000 [ 449.512182][T16416] R13: ffffc900044ffa58 R14: 1ffff9200089ff45 R15: ffffc900044ffd80 [ 449.520162][T16416] _copy_from_user+0x9a/0xd0 [ 449.524762][T16416] ____sys_sendmsg+0x56e/0xb40 [ 449.529525][T16416] ? __pfx_____sys_sendmsg+0x10/0x10 [ 449.534808][T16416] ? _kstrtoull+0x146/0x200 [ 449.539308][T16416] ? __pfx__kstrtoull+0x10/0x10 [ 449.544155][T16416] ? lock_release+0x4e2/0x6f0 [ 449.548830][T16416] ___sys_sendmsg+0x135/0x1e0 [ 449.553514][T16416] ? __pfx____sys_sendmsg+0x10/0x10 [ 449.558717][T16416] ? __pfx_kstrtouint+0x10/0x10 [ 449.563571][T16416] ? trace_lock_acquire+0x14e/0x1f0 [ 449.568779][T16416] __sys_sendmmsg+0x201/0x420 [ 449.573462][T16416] ? __pfx___sys_sendmmsg+0x10/0x10 [ 449.578673][T16416] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 449.584664][T16416] ? fput+0x67/0x440 [ 449.588569][T16416] ? ksys_write+0x1ba/0x250 [ 449.593075][T16416] ? __pfx_ksys_write+0x10/0x10 [ 449.597927][T16416] __x64_sys_sendmmsg+0x9c/0x100 [ 449.602872][T16416] do_syscall_64+0xcd/0x250 [ 449.607379][T16416] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 449.613274][T16416] RIP: 0033:0x7f04e3985d29 [ 449.617685][T16416] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 449.637292][T16416] RSP: 002b:00007f04e475b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 449.645703][T16416] RAX: ffffffffffffffda RBX: 00007f04e3b75fa0 RCX: 00007f04e3985d29 [ 449.653673][T16416] RDX: 0000000000000007 RSI: 0000000020000200 RDI: 0000000000000003 [ 449.661639][T16416] RBP: 00007f04e475b090 R08: 0000000000000000 R09: 0000000000000000 [ 449.669611][T16416] R10: 0000000000004008 R11: 0000000000000246 R12: 0000000000000001 [ 449.677583][T16416] R13: 0000000000000000 R14: 00007f04e3b75fa0 R15: 00007ffdadfd19e8 [ 449.685555][T16416] [ 450.221137][T16432] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 450.441746][T16440] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 451.780304][T16472] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 452.300271][T16492] netlink: 'syz.3.2785': attribute type 1 has an invalid length. [ 452.425961][T16502] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 453.735179][T16528] FAULT_INJECTION: forcing a failure. [ 453.735179][T16528] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 453.780513][T16528] CPU: 0 UID: 0 PID: 16528 Comm: syz.2.2797 Not tainted 6.13.0-rc4-syzkaller-00071-gfd0584d220fe #0 [ 453.791339][T16528] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 453.801418][T16528] Call Trace: [ 453.804707][T16528] [ 453.807651][T16528] dump_stack_lvl+0x16c/0x1f0 [ 453.812361][T16528] should_fail_ex+0x497/0x5b0 [ 453.817067][T16528] _copy_from_iter+0x4a5/0x1400 [ 453.821948][T16528] ? __pfx__copy_from_iter+0x10/0x10 [ 453.827262][T16528] ? __virt_addr_valid+0x1a4/0x590 [ 453.832409][T16528] ? __virt_addr_valid+0x5e/0x590 [ 453.837454][T16528] ? __phys_addr_symbol+0x30/0x80 [ 453.842487][T16528] ? __check_object_size+0x488/0x710 [ 453.847778][T16528] netlink_sendmsg+0x813/0xd70 [ 453.852545][T16528] ? __pfx_netlink_sendmsg+0x10/0x10 [ 453.857832][T16528] ____sys_sendmsg+0x9ae/0xb40 [ 453.862601][T16528] ? __pfx_____sys_sendmsg+0x10/0x10 [ 453.867892][T16528] ? _kstrtoull+0x146/0x200 [ 453.872397][T16528] ? __pfx__kstrtoull+0x10/0x10 [ 453.877259][T16528] ? lock_release+0x4e2/0x6f0 [ 453.881937][T16528] ___sys_sendmsg+0x135/0x1e0 [ 453.886622][T16528] ? __pfx____sys_sendmsg+0x10/0x10 [ 453.891824][T16528] ? __pfx_kstrtouint+0x10/0x10 [ 453.896683][T16528] ? trace_lock_acquire+0x14e/0x1f0 [ 453.901892][T16528] __sys_sendmmsg+0x201/0x420 [ 453.906574][T16528] ? __pfx___sys_sendmmsg+0x10/0x10 [ 453.911781][T16528] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 453.917769][T16528] ? fput+0x67/0x440 [ 453.921664][T16528] ? ksys_write+0x1ba/0x250 [ 453.926168][T16528] ? __pfx_ksys_write+0x10/0x10 [ 453.931018][T16528] __x64_sys_sendmmsg+0x9c/0x100 [ 453.935959][T16528] do_syscall_64+0xcd/0x250 [ 453.940465][T16528] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 453.946367][T16528] RIP: 0033:0x7f9c85785d29 [ 453.950781][T16528] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 453.970404][T16528] RSP: 002b:00007f9c86535038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 453.978825][T16528] RAX: ffffffffffffffda RBX: 00007f9c85975fa0 RCX: 00007f9c85785d29 [ 453.986799][T16528] RDX: 0000000000000007 RSI: 0000000020000200 RDI: 0000000000000003 [ 453.994788][T16528] RBP: 00007f9c86535090 R08: 0000000000000000 R09: 0000000000000000 [ 454.002765][T16528] R10: 0000000000004008 R11: 0000000000000246 R12: 0000000000000001 [ 454.010749][T16528] R13: 0000000000000000 R14: 00007f9c85975fa0 R15: 00007fff4faea168 [ 454.018730][T16528] [ 454.034430][T16531] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 454.161988][T16540] netlink: 'syz.2.2801': attribute type 1 has an invalid length. [ 454.861668][T16561] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2805'. [ 455.133057][T16570] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 455.189408][T16572] FAULT_INJECTION: forcing a failure. [ 455.189408][T16572] name failslab, interval 1, probability 0, space 0, times 0 [ 455.203871][T16572] CPU: 1 UID: 0 PID: 16572 Comm: syz.2.2810 Not tainted 6.13.0-rc4-syzkaller-00071-gfd0584d220fe #0 [ 455.214680][T16572] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 455.224762][T16572] Call Trace: [ 455.228058][T16572] [ 455.231024][T16572] dump_stack_lvl+0x16c/0x1f0 [ 455.235738][T16572] should_fail_ex+0x497/0x5b0 [ 455.240447][T16572] should_failslab+0xc2/0x120 [ 455.245159][T16572] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 455.250566][T16572] ? skb_clone+0x190/0x3f0 [ 455.255019][T16572] skb_clone+0x190/0x3f0 [ 455.259300][T16572] netlink_deliver_tap+0xafd/0xca0 [ 455.264443][T16572] netlink_unicast+0x5e1/0x7f0 [ 455.269240][T16572] ? __pfx_netlink_unicast+0x10/0x10 [ 455.274556][T16572] ? __phys_addr_symbol+0x30/0x80 [ 455.279611][T16572] ? __check_object_size+0x488/0x710 [ 455.284936][T16572] netlink_sendmsg+0x8b8/0xd70 [ 455.289735][T16572] ? __pfx_netlink_sendmsg+0x10/0x10 [ 455.295064][T16572] ____sys_sendmsg+0x9ae/0xb40 [ 455.299865][T16572] ? __pfx_____sys_sendmsg+0x10/0x10 [ 455.305179][T16572] ? _kstrtoull+0x146/0x200 [ 455.309709][T16572] ? __pfx__kstrtoull+0x10/0x10 [ 455.314580][T16572] ? lock_release+0x4e2/0x6f0 [ 455.319279][T16572] ___sys_sendmsg+0x135/0x1e0 [ 455.324014][T16572] ? __pfx____sys_sendmsg+0x10/0x10 [ 455.329254][T16572] ? __pfx_kstrtouint+0x10/0x10 [ 455.334137][T16572] ? trace_lock_acquire+0x14e/0x1f0 [ 455.339382][T16572] __sys_sendmmsg+0x201/0x420 [ 455.344099][T16572] ? __pfx___sys_sendmmsg+0x10/0x10 [ 455.349338][T16572] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 455.355357][T16572] ? fput+0x67/0x440 [ 455.359290][T16572] ? ksys_write+0x1ba/0x250 [ 455.363824][T16572] ? __pfx_ksys_write+0x10/0x10 [ 455.368707][T16572] __x64_sys_sendmmsg+0x9c/0x100 [ 455.373685][T16572] do_syscall_64+0xcd/0x250 [ 455.378224][T16572] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 455.384149][T16572] RIP: 0033:0x7f9c85785d29 [ 455.388589][T16572] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 455.408230][T16572] RSP: 002b:00007f9c86535038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 455.416680][T16572] RAX: ffffffffffffffda RBX: 00007f9c85975fa0 RCX: 00007f9c85785d29 [ 455.424679][T16572] RDX: 0000000000000007 RSI: 0000000020000200 RDI: 0000000000000003 [ 455.432679][T16572] RBP: 00007f9c86535090 R08: 0000000000000000 R09: 0000000000000000 [ 455.440677][T16572] R10: 0000000000004008 R11: 0000000000000246 R12: 0000000000000001 [ 455.448679][T16572] R13: 0000000000000000 R14: 00007f9c85975fa0 R15: 00007fff4faea168 [ 455.456695][T16572] [ 455.788044][T16576] blktrace: Concurrent blktraces are not allowed on sg0 [ 455.976930][T16583] netlink: 338 bytes leftover after parsing attributes in process `syz.3.2815'. [ 456.152770][T16589] netlink: 'syz.3.2818': attribute type 1 has an invalid length. [ 456.308319][T16601] FAULT_INJECTION: forcing a failure. [ 456.308319][T16601] name failslab, interval 1, probability 0, space 0, times 0 [ 456.356239][T16601] CPU: 0 UID: 0 PID: 16601 Comm: syz.2.2820 Not tainted 6.13.0-rc4-syzkaller-00071-gfd0584d220fe #0 [ 456.367050][T16601] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 456.377105][T16601] Call Trace: [ 456.380378][T16601] [ 456.383302][T16601] dump_stack_lvl+0x16c/0x1f0 [ 456.387985][T16601] should_fail_ex+0x497/0x5b0 [ 456.392667][T16601] ? fs_reclaim_acquire+0xae/0x150 [ 456.397786][T16601] should_failslab+0xc2/0x120 [ 456.402469][T16601] __kmalloc_noprof+0xce/0x4f0 [ 456.407237][T16601] ? __pfx___mutex_lock+0x10/0x10 [ 456.412265][T16601] ? genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290 [ 456.419555][T16601] genl_family_rcv_msg_attrs_parse.constprop.0+0xc8/0x290 [ 456.426676][T16601] genl_start+0x18e/0x960 [ 456.431012][T16601] __netlink_dump_start+0x615/0x980 [ 456.436216][T16601] genl_family_rcv_msg_dumpit+0x1e1/0x2e0 [ 456.441938][T16601] ? __pfx_genl_family_rcv_msg_dumpit+0x10/0x10 [ 456.448182][T16601] ? genl_rcv_msg+0x580/0x800 [ 456.452861][T16601] ? __pfx_genl_get_cmd+0x10/0x10 [ 456.457893][T16601] ? __pfx_genl_start+0x10/0x10 [ 456.462747][T16601] ? __pfx_genl_dumpit+0x10/0x10 [ 456.467688][T16601] ? __pfx_genl_done+0x10/0x10 [ 456.472464][T16601] ? __dev_queue_xmit+0x89b/0x43e0 [ 456.477579][T16601] ? __radix_tree_lookup+0x21f/0x2c0 [ 456.482868][T16601] genl_rcv_msg+0x470/0x800 [ 456.487376][T16601] ? __pfx_genl_rcv_msg+0x10/0x10 [ 456.492399][T16601] ? __pfx_smc_nl_get_sys_info+0x10/0x10 [ 456.498049][T16601] netlink_rcv_skb+0x165/0x410 [ 456.502812][T16601] ? __pfx_genl_rcv_msg+0x10/0x10 [ 456.507842][T16601] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 456.513131][T16601] ? down_read+0xc9/0x330 [ 456.517465][T16601] ? __pfx_down_read+0x10/0x10 [ 456.522230][T16601] ? netlink_deliver_tap+0x1ae/0xca0 [ 456.527515][T16601] genl_rcv+0x28/0x40 [ 456.531501][T16601] netlink_unicast+0x53c/0x7f0 [ 456.536276][T16601] ? __pfx_netlink_unicast+0x10/0x10 [ 456.541564][T16601] ? __phys_addr_symbol+0x30/0x80 [ 456.546590][T16601] ? __check_object_size+0x488/0x710 [ 456.551885][T16601] netlink_sendmsg+0x8b8/0xd70 [ 456.556652][T16601] ? __pfx_netlink_sendmsg+0x10/0x10 [ 456.561947][T16601] ____sys_sendmsg+0x9ae/0xb40 [ 456.566716][T16601] ? __pfx_____sys_sendmsg+0x10/0x10 [ 456.572004][T16601] ? _kstrtoull+0x146/0x200 [ 456.576506][T16601] ? __pfx__kstrtoull+0x10/0x10 [ 456.581354][T16601] ? lock_release+0x4e2/0x6f0 [ 456.586027][T16601] ___sys_sendmsg+0x135/0x1e0 [ 456.590722][T16601] ? __pfx____sys_sendmsg+0x10/0x10 [ 456.595927][T16601] ? __pfx_kstrtouint+0x10/0x10 [ 456.600784][T16601] ? trace_lock_acquire+0x14e/0x1f0 [ 456.605995][T16601] __sys_sendmmsg+0x201/0x420 [ 456.610680][T16601] ? __pfx___sys_sendmmsg+0x10/0x10 [ 456.615895][T16601] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 456.621883][T16601] ? fput+0x67/0x440 [ 456.625782][T16601] ? ksys_write+0x1ba/0x250 [ 456.630284][T16601] ? __pfx_ksys_write+0x10/0x10 [ 456.635137][T16601] __x64_sys_sendmmsg+0x9c/0x100 [ 456.640083][T16601] do_syscall_64+0xcd/0x250 [ 456.644594][T16601] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 456.650492][T16601] RIP: 0033:0x7f9c85785d29 [ 456.654902][T16601] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 456.674599][T16601] RSP: 002b:00007f9c86535038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 456.683011][T16601] RAX: ffffffffffffffda RBX: 00007f9c85975fa0 RCX: 00007f9c85785d29 [ 456.690979][T16601] RDX: 0000000000000007 RSI: 0000000020000200 RDI: 0000000000000003 [ 456.698950][T16601] RBP: 00007f9c86535090 R08: 0000000000000000 R09: 0000000000000000 [ 456.706920][T16601] R10: 0000000000004008 R11: 0000000000000246 R12: 0000000000000002 [ 456.714890][T16601] R13: 0000000000000000 R14: 00007f9c85975fa0 R15: 00007fff4faea168 [ 456.722901][T16601] [ 456.870293][T16606] mkiss: ax0: crc mode is auto. [ 457.531946][T16628] FAULT_INJECTION: forcing a failure. [ 457.531946][T16628] name failslab, interval 1, probability 0, space 0, times 0 [ 457.544809][T16628] CPU: 1 UID: 0 PID: 16628 Comm: syz.0.2828 Not tainted 6.13.0-rc4-syzkaller-00071-gfd0584d220fe #0 [ 457.555611][T16628] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 457.565692][T16628] Call Trace: [ 457.568985][T16628] [ 457.571939][T16628] dump_stack_lvl+0x16c/0x1f0 [ 457.576643][T16628] should_fail_ex+0x497/0x5b0 [ 457.581325][T16628] ? rcu_is_watching+0x12/0xc0 [ 457.586101][T16628] should_failslab+0xc2/0x120 [ 457.590786][T16628] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 457.596161][T16628] ? do_raw_spin_lock+0x12d/0x2c0 [ 457.601185][T16628] ? dst_alloc+0x99/0x1a0 [ 457.605520][T16628] dst_alloc+0x99/0x1a0 [ 457.609678][T16628] rt_dst_alloc+0x35/0x3a0 [ 457.614103][T16628] ip_route_output_key_hash_rcu+0x8a5/0x2770 [ 457.620095][T16628] ip_route_output_key_hash+0x138/0x2e0 [ 457.625730][T16628] ? __pfx_ip_route_output_key_hash+0x10/0x10 [ 457.631800][T16628] ? rcu_is_watching+0x12/0xc0 [ 457.636571][T16628] ? __pfx_lock_release+0x10/0x10 [ 457.641600][T16628] ? trace_lock_acquire+0x14e/0x1f0 [ 457.646807][T16628] ? udp_sendmsg+0x1d9a/0x29b0 [ 457.651586][T16628] ip_route_output_flow+0x27/0x150 [ 457.656706][T16628] udp_sendmsg+0x1b92/0x29b0 [ 457.661304][T16628] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 457.666855][T16628] ? __pfx_udp_sendmsg+0x10/0x10 [ 457.671796][T16628] ? do_raw_spin_unlock+0x172/0x230 [ 457.676998][T16628] ? rcu_is_watching+0x12/0xc0 [ 457.681764][T16628] ? __pfx_lock_release+0x10/0x10 [ 457.686783][T16628] ? __pfx___might_resched+0x10/0x10 [ 457.692073][T16628] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 457.697966][T16628] ? aa_sk_perm+0x2f5/0xb20 [ 457.702476][T16628] ? __pfx_udp_sendmsg+0x10/0x10 [ 457.707425][T16628] inet_sendmsg+0x105/0x140 [ 457.711924][T16628] ____sys_sendmsg+0x907/0xb40 [ 457.716689][T16628] ? copy_msghdr_from_user+0x10b/0x160 [ 457.722151][T16628] ? __pfx_____sys_sendmsg+0x10/0x10 [ 457.727436][T16628] ? kfree+0x274/0x4b0 [ 457.731503][T16628] ? __pfx__kstrtoull+0x10/0x10 [ 457.736350][T16628] ? lock_release+0x4e2/0x6f0 [ 457.741027][T16628] ___sys_sendmsg+0x135/0x1e0 [ 457.745709][T16628] ? __pfx____sys_sendmsg+0x10/0x10 [ 457.750917][T16628] ? __pfx_kstrtouint+0x10/0x10 [ 457.755779][T16628] ? rcu_is_watching+0x12/0xc0 [ 457.760557][T16628] ? __pfx___might_resched+0x10/0x10 [ 457.765863][T16628] ? __might_fault+0xe3/0x190 [ 457.770562][T16628] __sys_sendmmsg+0x201/0x420 [ 457.775274][T16628] ? __pfx___sys_sendmmsg+0x10/0x10 [ 457.780489][T16628] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 457.786482][T16628] ? fput+0x67/0x440 [ 457.790384][T16628] ? ksys_write+0x1ba/0x250 [ 457.794889][T16628] ? __pfx_ksys_write+0x10/0x10 [ 457.799740][T16628] __x64_sys_sendmmsg+0x9c/0x100 [ 457.804689][T16628] do_syscall_64+0xcd/0x250 [ 457.809195][T16628] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 457.815093][T16628] RIP: 0033:0x7f3e0af85d29 [ 457.819506][T16628] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 457.839213][T16628] RSP: 002b:00007f3e0bd87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 457.847631][T16628] RAX: ffffffffffffffda RBX: 00007f3e0b175fa0 RCX: 00007f3e0af85d29 [ 457.855621][T16628] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 457.863605][T16628] RBP: 00007f3e0bd87090 R08: 0000000000000000 R09: 0000000000000000 [ 457.871578][T16628] R10: 0000000007fffffe R11: 0000000000000246 R12: 0000000000000002 [ 457.879557][T16628] R13: 0000000000000000 R14: 00007f3e0b175fa0 R15: 00007ffcfa0bd418 [ 457.887532][T16628] [ 457.951730][T16630] netlink: 342 bytes leftover after parsing attributes in process `syz.0.2829'. [ 458.345378][T16650] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2836'. [ 458.533798][T16656] FAULT_INJECTION: forcing a failure. [ 458.533798][T16656] name failslab, interval 1, probability 0, space 0, times 0 [ 458.562543][T16656] CPU: 1 UID: 0 PID: 16656 Comm: syz.1.2837 Not tainted 6.13.0-rc4-syzkaller-00071-gfd0584d220fe #0 [ 458.573365][T16656] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 458.583446][T16656] Call Trace: [ 458.586740][T16656] [ 458.589684][T16656] dump_stack_lvl+0x16c/0x1f0 [ 458.594396][T16656] should_fail_ex+0x497/0x5b0 [ 458.599104][T16656] ? rcu_is_watching+0x12/0xc0 [ 458.603902][T16656] should_failslab+0xc2/0x120 [ 458.608615][T16656] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 458.614012][T16656] ? do_raw_spin_lock+0x12d/0x2c0 [ 458.619061][T16656] ? dst_alloc+0x99/0x1a0 [ 458.623413][T16656] dst_alloc+0x99/0x1a0 [ 458.627594][T16656] rt_dst_alloc+0x35/0x3a0 [ 458.632044][T16656] ip_route_output_key_hash_rcu+0x8a5/0x2770 [ 458.638053][T16656] ip_route_output_key_hash+0x138/0x2e0 [ 458.643633][T16656] ? __pfx_ip_route_output_key_hash+0x10/0x10 [ 458.649734][T16656] ? rcu_is_watching+0x12/0xc0 [ 458.654529][T16656] ? __pfx_lock_release+0x10/0x10 [ 458.659577][T16656] ? trace_lock_acquire+0x14e/0x1f0 [ 458.664805][T16656] ? udp_sendmsg+0x1d9a/0x29b0 [ 458.669605][T16656] ip_route_output_flow+0x27/0x150 [ 458.674746][T16656] udp_sendmsg+0x1b92/0x29b0 [ 458.679371][T16656] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 458.684952][T16656] ? __pfx_udp_sendmsg+0x10/0x10 [ 458.689925][T16656] ? do_raw_spin_unlock+0x172/0x230 [ 458.695155][T16656] ? rcu_is_watching+0x12/0xc0 [ 458.699955][T16656] ? __pfx_lock_release+0x10/0x10 [ 458.705005][T16656] ? __pfx___might_resched+0x10/0x10 [ 458.710319][T16656] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 458.716242][T16656] ? aa_sk_perm+0x2f5/0xb20 [ 458.720782][T16656] ? __pfx_udp_sendmsg+0x10/0x10 [ 458.725757][T16656] inet_sendmsg+0x105/0x140 [ 458.730290][T16656] ____sys_sendmsg+0x907/0xb40 [ 458.735081][T16656] ? copy_msghdr_from_user+0x10b/0x160 [ 458.740578][T16656] ? __pfx_____sys_sendmsg+0x10/0x10 [ 458.745891][T16656] ? kfree+0x274/0x4b0 [ 458.749987][T16656] ? __pfx__kstrtoull+0x10/0x10 [ 458.754950][T16656] ? lock_release+0x4e2/0x6f0 [ 458.759652][T16656] ___sys_sendmsg+0x135/0x1e0 [ 458.764369][T16656] ? __pfx____sys_sendmsg+0x10/0x10 [ 458.769603][T16656] ? __pfx_kstrtouint+0x10/0x10 [ 458.774487][T16656] ? rcu_is_watching+0x12/0xc0 [ 458.779287][T16656] ? __pfx___might_resched+0x10/0x10 [ 458.784597][T16656] ? __might_fault+0xe3/0x190 [ 458.789314][T16656] __sys_sendmmsg+0x201/0x420 [ 458.794036][T16656] ? __pfx___sys_sendmmsg+0x10/0x10 [ 458.799276][T16656] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 458.805298][T16656] ? fput+0x67/0x440 [ 458.809227][T16656] ? ksys_write+0x1ba/0x250 [ 458.813786][T16656] ? __pfx_ksys_write+0x10/0x10 [ 458.818669][T16656] __x64_sys_sendmmsg+0x9c/0x100 [ 458.823665][T16656] do_syscall_64+0xcd/0x250 [ 458.828206][T16656] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 458.834133][T16656] RIP: 0033:0x7f0212785d29 [ 458.838572][T16656] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 458.858208][T16656] RSP: 002b:00007f02135f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 458.866650][T16656] RAX: ffffffffffffffda RBX: 00007f0212975fa0 RCX: 00007f0212785d29 [ 458.874663][T16656] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 458.882666][T16656] RBP: 00007f02135f6090 R08: 0000000000000000 R09: 0000000000000000 [ 458.890676][T16656] R10: 0000000007fffffe R11: 0000000000000246 R12: 0000000000000002 [ 458.898673][T16656] R13: 0000000000000000 R14: 00007f0212975fa0 R15: 00007ffc5b117078 [ 458.906679][T16656] [ 460.109481][T16676] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 460.272654][T16705] FAULT_INJECTION: forcing a failure. [ 460.272654][T16705] name failslab, interval 1, probability 0, space 0, times 0 [ 460.285564][T16705] CPU: 0 UID: 0 PID: 16705 Comm: syz.1.2847 Not tainted 6.13.0-rc4-syzkaller-00071-gfd0584d220fe #0 [ 460.296358][T16705] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 460.306437][T16705] Call Trace: [ 460.309730][T16705] [ 460.312675][T16705] dump_stack_lvl+0x16c/0x1f0 [ 460.317384][T16705] should_fail_ex+0x497/0x5b0 [ 460.322089][T16705] ? fs_reclaim_acquire+0xae/0x150 [ 460.327227][T16705] should_failslab+0xc2/0x120 [ 460.331939][T16705] kmem_cache_alloc_node_noprof+0x72/0x3b0 [ 460.337777][T16705] ? __alloc_skb+0x2b3/0x380 [ 460.342421][T16705] ? genl_start+0x1e7/0x960 [ 460.346952][T16705] __alloc_skb+0x2b3/0x380 [ 460.351403][T16705] ? __pfx___alloc_skb+0x10/0x10 [ 460.356367][T16705] ? do_syscall_64+0xcd/0x250 [ 460.361070][T16705] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 460.367166][T16705] netlink_dump+0x699/0xd00 [ 460.371691][T16705] ? __pfx_netlink_dump+0x10/0x10 [ 460.376745][T16705] ? kasan_save_track+0x14/0x30 [ 460.381630][T16705] ? __kasan_kmalloc+0xaa/0xb0 [ 460.386424][T16705] ? genl_start+0x67d/0x960 [ 460.390950][T16705] __netlink_dump_start+0x6d9/0x980 [ 460.396173][T16705] genl_family_rcv_msg_dumpit+0x1e1/0x2e0 [ 460.401925][T16705] ? __pfx_genl_family_rcv_msg_dumpit+0x10/0x10 [ 460.408188][T16705] ? genl_rcv_msg+0x580/0x800 [ 460.412902][T16705] ? __pfx_genl_get_cmd+0x10/0x10 [ 460.417946][T16705] ? __pfx_genl_start+0x10/0x10 [ 460.422821][T16705] ? __pfx_genl_dumpit+0x10/0x10 [ 460.427784][T16705] ? __pfx_genl_done+0x10/0x10 [ 460.432573][T16705] ? __dev_queue_xmit+0x89b/0x43e0 [ 460.437710][T16705] ? __radix_tree_lookup+0x21f/0x2c0 [ 460.443024][T16705] genl_rcv_msg+0x470/0x800 [ 460.447555][T16705] ? __pfx_genl_rcv_msg+0x10/0x10 [ 460.452604][T16705] ? __pfx_smc_nl_get_sys_info+0x10/0x10 [ 460.458278][T16705] netlink_rcv_skb+0x165/0x410 [ 460.463063][T16705] ? __pfx_genl_rcv_msg+0x10/0x10 [ 460.468112][T16705] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 460.473429][T16705] ? down_read+0xc9/0x330 [ 460.477782][T16705] ? __pfx_down_read+0x10/0x10 [ 460.482574][T16705] ? netlink_deliver_tap+0x1ae/0xca0 [ 460.487880][T16705] genl_rcv+0x28/0x40 [ 460.491869][T16705] netlink_unicast+0x53c/0x7f0 [ 460.496638][T16705] ? __pfx_netlink_unicast+0x10/0x10 [ 460.501923][T16705] ? __phys_addr_symbol+0x30/0x80 [ 460.506947][T16705] ? __check_object_size+0x488/0x710 [ 460.512240][T16705] netlink_sendmsg+0x8b8/0xd70 [ 460.517005][T16705] ? __pfx_netlink_sendmsg+0x10/0x10 [ 460.522321][T16705] ____sys_sendmsg+0x9ae/0xb40 [ 460.527087][T16705] ? __pfx_____sys_sendmsg+0x10/0x10 [ 460.532375][T16705] ? _kstrtoull+0x146/0x200 [ 460.536966][T16705] ? __pfx__kstrtoull+0x10/0x10 [ 460.541817][T16705] ? lock_release+0x4e2/0x6f0 [ 460.546493][T16705] ___sys_sendmsg+0x135/0x1e0 [ 460.551176][T16705] ? __pfx____sys_sendmsg+0x10/0x10 [ 460.556387][T16705] ? __pfx_kstrtouint+0x10/0x10 [ 460.561263][T16705] ? trace_lock_acquire+0x14e/0x1f0 [ 460.566477][T16705] __sys_sendmmsg+0x201/0x420 [ 460.571162][T16705] ? __pfx___sys_sendmmsg+0x10/0x10 [ 460.576384][T16705] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 460.582371][T16705] ? fput+0x67/0x440 [ 460.586273][T16705] ? ksys_write+0x1ba/0x250 [ 460.590790][T16705] ? __pfx_ksys_write+0x10/0x10 [ 460.595651][T16705] __x64_sys_sendmmsg+0x9c/0x100 [ 460.600599][T16705] do_syscall_64+0xcd/0x250 [ 460.605109][T16705] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 460.611006][T16705] RIP: 0033:0x7f0212785d29 [ 460.615418][T16705] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 460.635025][T16705] RSP: 002b:00007f02135f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 460.643454][T16705] RAX: ffffffffffffffda RBX: 00007f0212975fa0 RCX: 00007f0212785d29 [ 460.651435][T16705] RDX: 0000000000000007 RSI: 0000000020000200 RDI: 0000000000000003 [ 460.659409][T16705] RBP: 00007f02135f6090 R08: 0000000000000000 R09: 0000000000000000 [ 460.667381][T16705] R10: 0000000000004008 R11: 0000000000000246 R12: 0000000000000002 [ 460.675355][T16705] R13: 0000000000000000 R14: 00007f0212975fa0 R15: 00007ffc5b117078 [ 460.683332][T16705] [ 460.686453][ C0] vkms_vblank_simulate: vblank timer overrun [ 460.740027][T16707] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 460.908462][T16714] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 461.827062][T16735] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2857'. [ 462.949204][T16763] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 463.821575][T16799] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 464.278295][T16818] netlink: 330 bytes leftover after parsing attributes in process `syz.0.2881'. [ 464.316485][T16818] netlink: 330 bytes leftover after parsing attributes in process `syz.0.2881'. [ 464.823590][T16837] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 465.154052][T16827] device-mapper: ioctl: Invalid ioctl structure: uuid , name , dev 8000000006 [ 465.256260][T16827] device-mapper: ioctl: ioctl interface mismatch: kernel(4.48.0), user(0.0.0), cmd(6) [ 465.338777][T16827] device-mapper: ioctl: Invalid data size in the ioctl structure: 0 [ 465.395600][T16849] FAULT_INJECTION: forcing a failure. [ 465.395600][T16849] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 465.456275][T16849] CPU: 0 UID: 0 PID: 16849 Comm: syz.1.2892 Not tainted 6.13.0-rc4-syzkaller-00071-gfd0584d220fe #0 [ 465.467101][T16849] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 465.477180][T16849] Call Trace: [ 465.480472][T16849] [ 465.483416][T16849] dump_stack_lvl+0x16c/0x1f0 [ 465.488124][T16849] should_fail_ex+0x497/0x5b0 [ 465.492835][T16849] _copy_from_user+0x2e/0xd0 [ 465.497458][T16849] copy_msghdr_from_user+0x99/0x160 [ 465.502689][T16849] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 465.508608][T16849] ? kfree+0x274/0x4b0 [ 465.512707][T16849] ? __pfx__kstrtoull+0x10/0x10 [ 465.517770][T16849] ? lock_release+0x4e2/0x6f0 [ 465.522478][T16849] ___sys_sendmsg+0xff/0x1e0 [ 465.527108][T16849] ? __pfx____sys_sendmsg+0x10/0x10 [ 465.532338][T16849] ? __pfx_kstrtouint+0x10/0x10 [ 465.537219][T16849] ? rcu_is_watching+0x12/0xc0 [ 465.542017][T16849] ? __pfx___might_resched+0x10/0x10 [ 465.547328][T16849] ? __might_fault+0xe3/0x190 [ 465.552044][T16849] __sys_sendmmsg+0x201/0x420 [ 465.556763][T16849] ? __pfx___sys_sendmmsg+0x10/0x10 [ 465.561999][T16849] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 465.568010][T16849] ? fput+0x67/0x440 [ 465.571933][T16849] ? ksys_write+0x1ba/0x250 [ 465.576467][T16849] ? __pfx_ksys_write+0x10/0x10 [ 465.581350][T16849] __x64_sys_sendmmsg+0x9c/0x100 [ 465.586321][T16849] do_syscall_64+0xcd/0x250 [ 465.590856][T16849] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 465.596783][T16849] RIP: 0033:0x7f0212785d29 [ 465.601214][T16849] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 465.620848][T16849] RSP: 002b:00007f02135f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 465.629295][T16849] RAX: ffffffffffffffda RBX: 00007f0212975fa0 RCX: 00007f0212785d29 [ 465.637293][T16849] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 465.645291][T16849] RBP: 00007f02135f6090 R08: 0000000000000000 R09: 0000000000000000 [ 465.653285][T16849] R10: 0000000007fffffe R11: 0000000000000246 R12: 0000000000000002 [ 465.661282][T16849] R13: 0000000000000000 R14: 00007f0212975fa0 R15: 00007ffc5b117078 [ 465.669284][T16849] [ 465.804250][T16861] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2896'. [ 465.824801][T16861] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2896'. [ 465.977622][T16870] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 466.877539][T16888] crash hp: kexec_trylock() failed, kdump image may be inaccurate [ 467.307757][T16904] FAULT_INJECTION: forcing a failure. [ 467.307757][T16904] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 467.381978][T16904] CPU: 0 UID: 0 PID: 16904 Comm: syz.0.2906 Not tainted 6.13.0-rc4-syzkaller-00071-gfd0584d220fe #0 [ 467.392801][T16904] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 467.402882][T16904] Call Trace: [ 467.406203][T16904] [ 467.409136][T16904] dump_stack_lvl+0x16c/0x1f0 [ 467.413834][T16904] should_fail_ex+0x497/0x5b0 [ 467.418521][T16904] _copy_from_user+0x2e/0xd0 [ 467.423119][T16904] copy_msghdr_from_user+0x99/0x160 [ 467.428335][T16904] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 467.434166][T16904] ? kfree+0x274/0x4b0 [ 467.438237][T16904] ? __pfx__kstrtoull+0x10/0x10 [ 467.443089][T16904] ? lock_release+0x4e2/0x6f0 [ 467.447763][T16904] ___sys_sendmsg+0xff/0x1e0 [ 467.452361][T16904] ? __pfx____sys_sendmsg+0x10/0x10 [ 467.457572][T16904] ? __pfx_kstrtouint+0x10/0x10 [ 467.462436][T16904] ? rcu_is_watching+0x12/0xc0 [ 467.467212][T16904] ? __pfx___might_resched+0x10/0x10 [ 467.472497][T16904] ? __might_fault+0xe3/0x190 [ 467.477184][T16904] __sys_sendmmsg+0x201/0x420 [ 467.481879][T16904] ? __pfx___sys_sendmmsg+0x10/0x10 [ 467.487091][T16904] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 467.493082][T16904] ? fput+0x67/0x440 [ 467.496986][T16904] ? ksys_write+0x1ba/0x250 [ 467.501490][T16904] ? __pfx_ksys_write+0x10/0x10 [ 467.506344][T16904] __x64_sys_sendmmsg+0x9c/0x100 [ 467.511292][T16904] do_syscall_64+0xcd/0x250 [ 467.515802][T16904] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 467.521701][T16904] RIP: 0033:0x7f3e0af85d29 [ 467.526120][T16904] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 467.545742][T16904] RSP: 002b:00007f3e0bd66038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 467.554161][T16904] RAX: ffffffffffffffda RBX: 00007f3e0b176080 RCX: 00007f3e0af85d29 [ 467.562133][T16904] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 467.570104][T16904] RBP: 00007f3e0bd66090 R08: 0000000000000000 R09: 0000000000000000 [ 467.578083][T16904] R10: 0000000007fffffe R11: 0000000000000246 R12: 0000000000000002 [ 467.586056][T16904] R13: 0000000000000000 R14: 00007f3e0b176080 R15: 00007ffcfa0bd418 [ 467.594047][T16904] syzkaller syzkaller login: [ 467.904109][T16911] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 468.046631][T16872] kexec: Could not allocate control_code_buffer [ 468.363899][T16932] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 468.386434][T16931] netlink: 'syz.3.2913': attribute type 2 has an invalid length. [ 468.405646][T16931] netlink: 674 bytes leftover after parsing attributes in process `syz.3.2913'. [ 469.051248][T16947] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 469.170817][T16952] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2918'. [ 469.216731][T16952] net veth1_virt_wifi virt_wifi0: entered allmulticast mode [ 469.879003][T16982] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2928'. [ 469.990497][T16981] ptrace attach of "./syz-executor exec"[14708] was attempted by "./syz-executor exec"[16981] [ 470.128596][T16989] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2925'. [ 470.615660][T17012] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 470.656980][T17012] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 470.692397][T17018] FAULT_INJECTION: forcing a failure. [ 470.692397][T17018] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 470.727875][T17018] CPU: 1 UID: 0 PID: 17018 Comm: syz.0.2936 Not tainted 6.13.0-rc4-syzkaller-00071-gfd0584d220fe #0 [ 470.738698][T17018] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 470.748776][T17018] Call Trace: [ 470.752071][T17018] [ 470.755019][T17018] dump_stack_lvl+0x16c/0x1f0 [ 470.759746][T17018] should_fail_ex+0x497/0x5b0 [ 470.764462][T17018] _copy_from_user+0x2e/0xd0 [ 470.769131][T17018] copy_msghdr_from_user+0x99/0x160 [ 470.774371][T17018] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 470.780222][T17018] ? kfree+0x274/0x4b0 [ 470.784327][T17018] ? __pfx__kstrtoull+0x10/0x10 [ 470.789203][T17018] ? lock_release+0x4e2/0x6f0 [ 470.793911][T17018] ___sys_sendmsg+0xff/0x1e0 [ 470.798534][T17018] ? __pfx____sys_sendmsg+0x10/0x10 [ 470.803763][T17018] ? __pfx_kstrtouint+0x10/0x10 [ 470.808644][T17018] ? rcu_is_watching+0x12/0xc0 [ 470.813443][T17018] ? __pfx___might_resched+0x10/0x10 [ 470.818760][T17018] ? __might_fault+0xe3/0x190 [ 470.823476][T17018] __sys_sendmmsg+0x201/0x420 [ 470.828193][T17018] ? __pfx___sys_sendmmsg+0x10/0x10 [ 470.833438][T17018] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 470.839477][T17018] ? fput+0x67/0x440 [ 470.843414][T17018] ? ksys_write+0x1ba/0x250 [ 470.847961][T17018] ? __pfx_ksys_write+0x10/0x10 [ 470.852886][T17018] __x64_sys_sendmmsg+0x9c/0x100 [ 470.857861][T17018] do_syscall_64+0xcd/0x250 [ 470.862399][T17018] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 470.868320][T17018] RIP: 0033:0x7f3e0af85d29 [ 470.872765][T17018] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 470.892401][T17018] RSP: 002b:00007f3e0bd87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 470.900847][T17018] RAX: ffffffffffffffda RBX: 00007f3e0b175fa0 RCX: 00007f3e0af85d29 [ 470.908843][T17018] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 470.916836][T17018] RBP: 00007f3e0bd87090 R08: 0000000000000000 R09: 0000000000000000 [ 470.924825][T17018] R10: 0000000007fffffe R11: 0000000000000246 R12: 0000000000000002 [ 470.932814][T17018] R13: 0000000000000000 R14: 00007f3e0b175fa0 R15: 00007ffcfa0bd418 [ 470.940811][T17018] [ 471.404936][T17034] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2939'. [ 472.603182][T17063] netlink: 'syz.2.2946': attribute type 1 has an invalid length. [ 473.217627][T17077] nbd: illegal input index 50331648 [ 474.680903][T17125] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 474.818225][T17129] netlink: 'syz.0.2962': attribute type 1 has an invalid length. [ 476.153910][T17172] netlink: 334 bytes leftover after parsing attributes in process `syz.0.2973'. [ 476.328813][T17180] netlink: 338 bytes leftover after parsing attributes in process `syz.3.2974'. [ 476.878912][T17199] netlink: 'syz.2.2979': attribute type 1 has an invalid length. [ 476.960718][T17202] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 477.025652][T17205] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 478.071404][T17240] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 478.146774][T17244] Invalid ELF header magic: != ELF [ 478.539727][T17255] netlink: 306 bytes leftover after parsing attributes in process `syz.1.2994'. [ 478.730738][T17264] FAULT_INJECTION: forcing a failure. [ 478.730738][T17264] name failslab, interval 1, probability 0, space 0, times 0 [ 478.749785][T17264] CPU: 0 UID: 0 PID: 17264 Comm: syz.3.2997 Not tainted 6.13.0-rc4-syzkaller-00071-gfd0584d220fe #0 [ 478.760606][T17264] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 478.770690][T17264] Call Trace: [ 478.773984][T17264] [ 478.776932][T17264] dump_stack_lvl+0x16c/0x1f0 [ 478.781643][T17264] should_fail_ex+0x497/0x5b0 [ 478.786348][T17264] ? fs_reclaim_acquire+0xae/0x150 [ 478.791486][T17264] should_failslab+0xc2/0x120 [ 478.796201][T17264] __kmalloc_noprof+0xce/0x4f0 [ 478.800993][T17264] ? __io_alloc_req_refill+0xeb/0x5b0 [ 478.806389][T17264] ? io_alloc_async_data+0x9d/0x150 [ 478.811608][T17264] ? __io_alloc_req_refill+0xeb/0x5b0 [ 478.817009][T17264] io_alloc_async_data+0x9d/0x150 [ 478.822062][T17264] io_prep_rw+0x30d/0xb70 [ 478.826423][T17264] io_prep_rwv+0xa8/0x360 [ 478.830773][T17264] ? __pfx_io_prep_rwv+0x10/0x10 [ 478.835735][T17264] io_submit_sqes+0x850/0x25f0 [ 478.840536][T17264] __do_sys_io_uring_enter+0xd43/0x1620 [ 478.846113][T17264] ? __fget_files+0x206/0x3a0 [ 478.850811][T17264] ? __pfx___do_sys_io_uring_enter+0x10/0x10 [ 478.856826][T17264] ? fput+0x67/0x440 [ 478.860752][T17264] ? ksys_write+0x1ba/0x250 [ 478.865275][T17264] ? __pfx_ksys_write+0x10/0x10 [ 478.870158][T17264] ? rcu_is_watching+0x12/0xc0 [ 478.874944][T17264] ? rcu_is_watching+0x12/0xc0 [ 478.879730][T17264] do_syscall_64+0xcd/0x250 [ 478.884262][T17264] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 478.890182][T17264] RIP: 0033:0x7f04e3985d29 [ 478.894609][T17264] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 478.914244][T17264] RSP: 002b:00007f04e475b038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 478.922686][T17264] RAX: ffffffffffffffda RBX: 00007f04e3b75fa0 RCX: 00007f04e3985d29 [ 478.930687][T17264] RDX: 000000000000cd00 RSI: 0000000000000001 RDI: 0000000000000005 [ 478.938681][T17264] RBP: 00007f04e475b090 R08: 0000000000000000 R09: ffffffffffffffff [ 478.946671][T17264] R10: 0000000000000007 R11: 0000000000000246 R12: 0000000000000001 [ 478.954662][T17264] R13: 0000000000000000 R14: 00007f04e3b75fa0 R15: 00007ffdadfd19e8 [ 478.962664][T17264] [ 479.359855][T17287] FAULT_INJECTION: forcing a failure. [ 479.359855][T17287] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 479.373232][T17287] CPU: 0 UID: 0 PID: 17287 Comm: syz.0.3006 Not tainted 6.13.0-rc4-syzkaller-00071-gfd0584d220fe #0 [ 479.384029][T17287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 479.394094][T17287] Call Trace: [ 479.397372][T17287] [ 479.400300][T17287] dump_stack_lvl+0x16c/0x1f0 [ 479.404993][T17287] should_fail_ex+0x497/0x5b0 [ 479.409681][T17287] _copy_from_user+0x2e/0xd0 [ 479.414279][T17287] copy_msghdr_from_user+0x99/0x160 [ 479.419490][T17287] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 479.425314][T17287] ? kfree+0x274/0x4b0 [ 479.429386][T17287] ? __pfx__kstrtoull+0x10/0x10 [ 479.434237][T17287] ? lock_release+0x4e2/0x6f0 [ 479.438920][T17287] ___sys_sendmsg+0xff/0x1e0 [ 479.443521][T17287] ? __pfx____sys_sendmsg+0x10/0x10 [ 479.448727][T17287] ? __pfx_kstrtouint+0x10/0x10 [ 479.453595][T17287] ? rcu_is_watching+0x12/0xc0 [ 479.458370][T17287] ? __pfx___might_resched+0x10/0x10 [ 479.463655][T17287] ? __might_fault+0xe3/0x190 [ 479.468347][T17287] __sys_sendmmsg+0x201/0x420 [ 479.473035][T17287] ? __pfx___sys_sendmmsg+0x10/0x10 [ 479.478244][T17287] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 479.484236][T17287] ? fput+0x67/0x440 [ 479.488136][T17287] ? ksys_write+0x1ba/0x250 [ 479.492644][T17287] ? __pfx_ksys_write+0x10/0x10 [ 479.497502][T17287] __x64_sys_sendmmsg+0x9c/0x100 [ 479.502455][T17287] do_syscall_64+0xcd/0x250 [ 479.506962][T17287] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 479.512861][T17287] RIP: 0033:0x7f3e0af85d29 [ 479.517274][T17287] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 479.536892][T17287] RSP: 002b:00007f3e0bd87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 479.545311][T17287] RAX: ffffffffffffffda RBX: 00007f3e0b175fa0 RCX: 00007f3e0af85d29 [ 479.553285][T17287] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 479.561263][T17287] RBP: 00007f3e0bd87090 R08: 0000000000000000 R09: 0000000000000000 [ 479.569237][T17287] R10: 0000000007fffffe R11: 0000000000000246 R12: 0000000000000002 [ 479.577215][T17287] R13: 0000000000000000 R14: 00007f3e0b175fa0 R15: 00007ffcfa0bd418 [ 479.585203][T17287] [ 479.645539][T17294] FAULT_INJECTION: forcing a failure. [ 479.645539][T17294] name failslab, interval 1, probability 0, space 0, times 0 [ 479.681898][T17294] CPU: 1 UID: 0 PID: 17294 Comm: syz.0.3009 Not tainted 6.13.0-rc4-syzkaller-00071-gfd0584d220fe #0 [ 479.692722][T17294] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 479.702797][T17294] Call Trace: [ 479.706083][T17294] [ 479.709022][T17294] dump_stack_lvl+0x16c/0x1f0 [ 479.713729][T17294] should_fail_ex+0x497/0x5b0 [ 479.718440][T17294] should_failslab+0xc2/0x120 [ 479.723144][T17294] __kmalloc_cache_noprof+0x68/0x420 [ 479.728448][T17294] ? __pfx_ucma_poll+0x10/0x10 [ 479.733239][T17294] io_arm_poll_handler+0x3e7/0xc60 [ 479.738377][T17294] ? __pfx_io_arm_poll_handler+0x10/0x10 [ 479.744043][T17294] io_queue_async+0xaa/0x420 [ 479.748651][T17294] io_submit_sqes+0x177a/0x25f0 [ 479.753565][T17294] __do_sys_io_uring_enter+0xd43/0x1620 [ 479.759136][T17294] ? __fget_files+0x206/0x3a0 [ 479.763829][T17294] ? __pfx___do_sys_io_uring_enter+0x10/0x10 [ 479.769834][T17294] ? fput+0x67/0x440 [ 479.773751][T17294] ? ksys_write+0x1ba/0x250 [ 479.778278][T17294] ? __pfx_ksys_write+0x10/0x10 [ 479.783152][T17294] ? rcu_is_watching+0x12/0xc0 [ 479.787946][T17294] ? rcu_is_watching+0x12/0xc0 [ 479.792735][T17294] do_syscall_64+0xcd/0x250 [ 479.797263][T17294] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 479.803188][T17294] RIP: 0033:0x7f3e0af85d29 [ 479.807616][T17294] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 479.827246][T17294] RSP: 002b:00007f3e0bd87038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa [ 479.835683][T17294] RAX: ffffffffffffffda RBX: 00007f3e0b175fa0 RCX: 00007f3e0af85d29 [ 479.843683][T17294] RDX: 000000000000cd00 RSI: 0000000000000001 RDI: 0000000000000005 [ 479.851685][T17294] RBP: 00007f3e0bd87090 R08: 0000000000000000 R09: ffffffffffffffff [ 479.859682][T17294] R10: 0000000000000007 R11: 0000000000000246 R12: 0000000000000001 [ 479.867676][T17294] R13: 0000000000000000 R14: 00007f3e0b175fa0 R15: 00007ffcfa0bd418 [ 479.875673][T17294] [ 479.998195][T17304] netlink: 146 bytes leftover after parsing attributes in process `syz.0.3011'. [ 480.987436][T17324] netlink: 'syz.1.3025': attribute type 1 has an invalid length. [ 482.258340][T17337] FAULT_INJECTION: forcing a failure. [ 482.258340][T17337] name failslab, interval 1, probability 0, space 0, times 0 [ 482.286155][T17337] CPU: 0 UID: 0 PID: 17337 Comm: syz.1.3018 Not tainted 6.13.0-rc4-syzkaller-00071-gfd0584d220fe #0 [ 482.296984][T17337] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 482.307065][T17337] Call Trace: [ 482.310362][T17337] [ 482.313316][T17337] dump_stack_lvl+0x16c/0x1f0 [ 482.318031][T17337] should_fail_ex+0x497/0x5b0 [ 482.322742][T17337] ? rcu_is_watching+0x12/0xc0 [ 482.327533][T17337] should_failslab+0xc2/0x120 [ 482.332243][T17337] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 482.337649][T17337] ? do_raw_spin_lock+0x12d/0x2c0 [ 482.342699][T17337] ? dst_alloc+0x99/0x1a0 [ 482.347057][T17337] dst_alloc+0x99/0x1a0 [ 482.351244][T17337] rt_dst_alloc+0x35/0x3a0 [ 482.355692][T17337] ip_route_output_key_hash_rcu+0x8a5/0x2770 [ 482.361705][T17337] ip_route_output_key_hash+0x138/0x2e0 [ 482.367284][T17337] ? __pfx_ip_route_output_key_hash+0x10/0x10 [ 482.373384][T17337] ? rcu_is_watching+0x12/0xc0 [ 482.378185][T17337] ? __pfx_lock_release+0x10/0x10 [ 482.383225][T17337] ? trace_lock_acquire+0x14e/0x1f0 [ 482.388437][T17337] ? udp_sendmsg+0x1d9a/0x29b0 [ 482.393213][T17337] ip_route_output_flow+0x27/0x150 [ 482.398333][T17337] udp_sendmsg+0x1b92/0x29b0 [ 482.402939][T17337] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 482.408493][T17337] ? __pfx_udp_sendmsg+0x10/0x10 [ 482.413435][T17337] ? do_raw_spin_unlock+0x172/0x230 [ 482.418634][T17337] ? rcu_is_watching+0x12/0xc0 [ 482.423399][T17337] ? __pfx_lock_release+0x10/0x10 [ 482.428425][T17337] ? __pfx___might_resched+0x10/0x10 [ 482.433711][T17337] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 482.439605][T17337] ? aa_sk_perm+0x2f5/0xb20 [ 482.444118][T17337] ? __pfx_udp_sendmsg+0x10/0x10 [ 482.449064][T17337] inet_sendmsg+0x105/0x140 [ 482.453566][T17337] ____sys_sendmsg+0x907/0xb40 [ 482.458329][T17337] ? copy_msghdr_from_user+0x10b/0x160 [ 482.463792][T17337] ? __pfx_____sys_sendmsg+0x10/0x10 [ 482.469078][T17337] ? kfree+0x274/0x4b0 [ 482.473148][T17337] ? __pfx__kstrtoull+0x10/0x10 [ 482.478010][T17337] ? lock_release+0x4e2/0x6f0 [ 482.482683][T17337] ___sys_sendmsg+0x135/0x1e0 [ 482.487370][T17337] ? __pfx____sys_sendmsg+0x10/0x10 [ 482.492571][T17337] ? __pfx_kstrtouint+0x10/0x10 [ 482.497447][T17337] ? rcu_is_watching+0x12/0xc0 [ 482.502219][T17337] ? __pfx___might_resched+0x10/0x10 [ 482.507523][T17337] ? __might_fault+0xe3/0x190 [ 482.512212][T17337] __sys_sendmmsg+0x201/0x420 [ 482.516899][T17337] ? __pfx___sys_sendmmsg+0x10/0x10 [ 482.522191][T17337] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 482.528182][T17337] ? fput+0x67/0x440 [ 482.532082][T17337] ? ksys_write+0x1ba/0x250 [ 482.536590][T17337] ? __pfx_ksys_write+0x10/0x10 [ 482.541444][T17337] __x64_sys_sendmmsg+0x9c/0x100 [ 482.546391][T17337] do_syscall_64+0xcd/0x250 [ 482.550903][T17337] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 482.556801][T17337] RIP: 0033:0x7f0212785d29 [ 482.561211][T17337] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 482.580819][T17337] RSP: 002b:00007f02135f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 482.589238][T17337] RAX: ffffffffffffffda RBX: 00007f0212975fa0 RCX: 00007f0212785d29 [ 482.597206][T17337] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 482.605177][T17337] RBP: 00007f02135f6090 R08: 0000000000000000 R09: 0000000000000000 [ 482.613149][T17337] R10: 0000000007fffffe R11: 0000000000000246 R12: 0000000000000002 [ 482.621120][T17337] R13: 0000000000000000 R14: 00007f0212975fa0 R15: 00007ffc5b117078 [ 482.629093][T17337] [ 482.845575][T17347] FAULT_INJECTION: forcing a failure. [ 482.845575][T17347] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 482.902942][T17347] CPU: 0 UID: 0 PID: 17347 Comm: syz.2.3021 Not tainted 6.13.0-rc4-syzkaller-00071-gfd0584d220fe #0 [ 482.913772][T17347] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 482.923852][T17347] Call Trace: [ 482.927143][T17347] [ 482.930087][T17347] dump_stack_lvl+0x16c/0x1f0 [ 482.934914][T17347] should_fail_ex+0x497/0x5b0 [ 482.939671][T17347] _copy_to_user+0x32/0xd0 [ 482.944129][T17347] simple_read_from_buffer+0xd0/0x160 [ 482.949528][T17347] proc_fail_nth_read+0x198/0x270 [ 482.954585][T17347] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 482.960156][T17347] ? bpf_lsm_file_permission+0x9/0x10 [ 482.965562][T17347] ? security_file_permission+0x71/0x210 [ 482.971232][T17347] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 482.976823][T17347] vfs_read+0x1df/0xbe0 [ 482.981016][T17347] ? __fget_files+0x1fc/0x3a0 [ 482.985731][T17347] ? __pfx___mutex_lock+0x10/0x10 [ 482.990785][T17347] ? __pfx_vfs_read+0x10/0x10 [ 482.995495][T17347] ? __fget_files+0x206/0x3a0 [ 483.000201][T17347] ksys_read+0x12b/0x250 [ 483.004460][T17347] ? __pfx_ksys_read+0x10/0x10 [ 483.009234][T17347] ? rcu_is_watching+0x12/0xc0 [ 483.014003][T17347] ? rcu_is_watching+0x12/0xc0 [ 483.018777][T17347] do_syscall_64+0xcd/0x250 [ 483.023288][T17347] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 483.029194][T17347] RIP: 0033:0x7f9c8578473c [ 483.033608][T17347] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 483.053222][T17347] RSP: 002b:00007f9c86535030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 483.061640][T17347] RAX: ffffffffffffffda RBX: 00007f9c85975fa0 RCX: 00007f9c8578473c [ 483.069613][T17347] RDX: 000000000000000f RSI: 00007f9c865350a0 RDI: 0000000000000006 [ 483.077583][T17347] RBP: 00007f9c86535090 R08: 0000000000000000 R09: ffffffffffffffff [ 483.085548][T17347] R10: 0000000000000007 R11: 0000000000000246 R12: 0000000000000001 [ 483.093517][T17347] R13: 0000000000000000 R14: 00007f9c85975fa0 R15: 00007fff4faea168 [ 483.101494][T17347] [ 483.639119][T17373] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 483.718580][T17381] netlink: 'syz.3.3029': attribute type 1 has an invalid length. [ 484.325218][T17396] netlink: 'syz.0.3033': attribute type 1 has an invalid length. [ 484.979048][T17406] netlink: 'syz.1.3034': attribute type 1 has an invalid length. [ 485.362831][T17418] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 486.359805][T17447] netlink: 146 bytes leftover after parsing attributes in process `syz.1.3046'. [ 486.963927][T17455] netlink: 'syz.3.3049': attribute type 1 has an invalid length. [ 488.009368][T17476] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 488.121483][T17481] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 488.292718][T17483] mkiss: ax0: crc mode is auto. [ 489.765860][T17525] vivid-002: kernel_thread() failed [ 489.853590][T17533] FAULT_INJECTION: forcing a failure. [ 489.853590][T17533] name failslab, interval 1, probability 0, space 0, times 0 [ 489.886176][T17533] CPU: 1 UID: 0 PID: 17533 Comm: syz.2.3066 Not tainted 6.13.0-rc4-syzkaller-00071-gfd0584d220fe #0 [ 489.897000][T17533] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 489.907078][T17533] Call Trace: [ 489.910364][T17533] [ 489.913294][T17533] dump_stack_lvl+0x16c/0x1f0 [ 489.917981][T17533] should_fail_ex+0x497/0x5b0 [ 489.922659][T17533] ? rcu_is_watching+0x12/0xc0 [ 489.927428][T17533] should_failslab+0xc2/0x120 [ 489.932114][T17533] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 489.937491][T17533] ? do_raw_spin_lock+0x12d/0x2c0 [ 489.942516][T17533] ? dst_alloc+0x99/0x1a0 [ 489.946853][T17533] dst_alloc+0x99/0x1a0 [ 489.951010][T17533] rt_dst_alloc+0x35/0x3a0 [ 489.955610][T17533] ip_route_output_key_hash_rcu+0x8a5/0x2770 [ 489.961595][T17533] ip_route_output_key_hash+0x138/0x2e0 [ 489.967142][T17533] ? __pfx_ip_route_output_key_hash+0x10/0x10 [ 489.973209][T17533] ? rcu_is_watching+0x12/0xc0 [ 489.977975][T17533] ? __pfx_lock_release+0x10/0x10 [ 489.982993][T17533] ? trace_lock_acquire+0x14e/0x1f0 [ 489.988195][T17533] ? udp_sendmsg+0x1d9a/0x29b0 [ 489.992965][T17533] ip_route_output_flow+0x27/0x150 [ 489.998080][T17533] udp_sendmsg+0x1b92/0x29b0 [ 490.002676][T17533] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 490.008228][T17533] ? __pfx_udp_sendmsg+0x10/0x10 [ 490.013175][T17533] ? do_raw_spin_unlock+0x172/0x230 [ 490.018386][T17533] ? rcu_is_watching+0x12/0xc0 [ 490.023152][T17533] ? __pfx_lock_release+0x10/0x10 [ 490.028175][T17533] ? __pfx___might_resched+0x10/0x10 [ 490.033463][T17533] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 490.039358][T17533] ? aa_sk_perm+0x2f5/0xb20 [ 490.043870][T17533] ? __pfx_udp_sendmsg+0x10/0x10 [ 490.048851][T17533] inet_sendmsg+0x105/0x140 [ 490.053353][T17533] ____sys_sendmsg+0x907/0xb40 [ 490.058117][T17533] ? copy_msghdr_from_user+0x10b/0x160 [ 490.063582][T17533] ? __pfx_____sys_sendmsg+0x10/0x10 [ 490.068871][T17533] ? kfree+0x274/0x4b0 [ 490.072941][T17533] ? __pfx__kstrtoull+0x10/0x10 [ 490.077789][T17533] ? lock_release+0x4e2/0x6f0 [ 490.082479][T17533] ___sys_sendmsg+0x135/0x1e0 [ 490.087173][T17533] ? __pfx____sys_sendmsg+0x10/0x10 [ 490.092383][T17533] ? __pfx_kstrtouint+0x10/0x10 [ 490.097251][T17533] ? rcu_is_watching+0x12/0xc0 [ 490.102032][T17533] ? __pfx___might_resched+0x10/0x10 [ 490.107321][T17533] ? __might_fault+0xe3/0x190 [ 490.112013][T17533] __sys_sendmmsg+0x201/0x420 [ 490.116710][T17533] ? __pfx___sys_sendmmsg+0x10/0x10 [ 490.121918][T17533] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 490.127905][T17533] ? fput+0x67/0x440 [ 490.131807][T17533] ? ksys_write+0x1ba/0x250 [ 490.136315][T17533] ? __pfx_ksys_write+0x10/0x10 [ 490.141168][T17533] __x64_sys_sendmmsg+0x9c/0x100 [ 490.146138][T17533] do_syscall_64+0xcd/0x250 [ 490.150647][T17533] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 490.156543][T17533] RIP: 0033:0x7f9c85785d29 [ 490.160966][T17533] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 490.180575][T17533] RSP: 002b:00007f9c86514038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 490.188996][T17533] RAX: ffffffffffffffda RBX: 00007f9c85976080 RCX: 00007f9c85785d29 [ 490.196966][T17533] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 490.204939][T17533] RBP: 00007f9c86514090 R08: 0000000000000000 R09: 0000000000000000 [ 490.212906][T17533] R10: 0000000007fffffe R11: 0000000000000246 R12: 0000000000000002 [ 490.220875][T17533] R13: 0000000000000000 R14: 00007f9c85976080 R15: 00007fff4faea168 [ 490.228854][T17533] [ 490.482742][T17547] netlink: 'syz.3.3071': attribute type 1 has an invalid length. [ 490.583838][T17549] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3067'. [ 492.239436][T17582] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 492.324300][T17584] FAULT_INJECTION: forcing a failure. [ 492.324300][T17584] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 492.357034][T17584] CPU: 1 UID: 0 PID: 17584 Comm: syz.1.3078 Not tainted 6.13.0-rc4-syzkaller-00071-gfd0584d220fe #0 [ 492.367861][T17584] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 492.377937][T17584] Call Trace: [ 492.381230][T17584] [ 492.384176][T17584] dump_stack_lvl+0x16c/0x1f0 [ 492.388881][T17584] should_fail_ex+0x497/0x5b0 [ 492.393586][T17584] _copy_from_user+0x2e/0xd0 [ 492.398204][T17584] copy_msghdr_from_user+0x99/0x160 [ 492.403432][T17584] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 492.409269][T17584] ? kfree+0x274/0x4b0 [ 492.413369][T17584] ? __pfx__kstrtoull+0x10/0x10 [ 492.418242][T17584] ? lock_release+0x4e2/0x6f0 [ 492.422932][T17584] ___sys_sendmsg+0xff/0x1e0 [ 492.427540][T17584] ? __pfx____sys_sendmsg+0x10/0x10 [ 492.432764][T17584] ? __pfx_kstrtouint+0x10/0x10 [ 492.437640][T17584] ? rcu_is_watching+0x12/0xc0 [ 492.442448][T17584] ? __pfx___might_resched+0x10/0x10 [ 492.447749][T17584] ? __might_fault+0xe3/0x190 [ 492.452437][T17584] __sys_sendmmsg+0x201/0x420 [ 492.457122][T17584] ? __pfx___sys_sendmmsg+0x10/0x10 [ 492.462327][T17584] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 492.468323][T17584] ? fput+0x67/0x440 [ 492.472231][T17584] ? ksys_write+0x1ba/0x250 [ 492.476738][T17584] ? __pfx_ksys_write+0x10/0x10 [ 492.481592][T17584] __x64_sys_sendmmsg+0x9c/0x100 [ 492.486537][T17584] do_syscall_64+0xcd/0x250 [ 492.491045][T17584] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 492.496944][T17584] RIP: 0033:0x7f0212785d29 [ 492.501359][T17584] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 492.520970][T17584] RSP: 002b:00007f02135f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 492.529382][T17584] RAX: ffffffffffffffda RBX: 00007f0212975fa0 RCX: 00007f0212785d29 [ 492.537356][T17584] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 492.545321][T17584] RBP: 00007f02135f6090 R08: 0000000000000000 R09: 0000000000000000 [ 492.553296][T17584] R10: 0000000007fffffe R11: 0000000000000246 R12: 0000000000000002 [ 492.561266][T17584] R13: 0000000000000000 R14: 00007f0212975fa0 R15: 00007ffc5b117078 [ 492.569247][T17584] [ 494.217270][T17588] netlink: 322 bytes leftover after parsing attributes in process `syz.2.3080'. [ 495.016406][T17638] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 495.264468][T17642] netlink: 'syz.2.3092': attribute type 1 has an invalid length. [ 495.331157][T17645] ptrace attach of "./syz-executor exec"[14638] was attempted by "./syz-executor exec"[17645] [ 495.357987][T17644] netlink: 'syz.0.3091': attribute type 1 has an invalid length. [ 495.435056][T17649] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 495.477058][T17649] FAULT_INJECTION: forcing a failure. [ 495.477058][T17649] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 495.517167][T17649] CPU: 1 UID: 0 PID: 17649 Comm: syz.1.3094 Not tainted 6.13.0-rc4-syzkaller-00071-gfd0584d220fe #0 [ 495.527989][T17649] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 495.538076][T17649] Call Trace: [ 495.541371][T17649] [ 495.544321][T17649] dump_stack_lvl+0x16c/0x1f0 [ 495.549032][T17649] should_fail_ex+0x497/0x5b0 [ 495.553746][T17649] _copy_to_iter+0x4a5/0x1400 [ 495.558457][T17649] ? __pfx__copy_to_iter+0x10/0x10 [ 495.563603][T17649] ? __virt_addr_valid+0x1a4/0x590 [ 495.568752][T17649] ? __virt_addr_valid+0x5e/0x590 [ 495.573808][T17649] ? __phys_addr_symbol+0x30/0x80 [ 495.578862][T17649] ? __check_object_size+0x488/0x710 [ 495.584170][T17649] seq_read_iter+0xd00/0x12b0 [ 495.588857][T17649] seq_read+0x39f/0x4e0 [ 495.593010][T17649] ? __pfx_seq_read+0x10/0x10 [ 495.597681][T17649] ? __pfx_lock_release+0x10/0x10 [ 495.602720][T17649] ? lock_acquire+0x2f/0xb0 [ 495.607223][T17649] ? apparmor_file_permission+0x251/0x400 [ 495.612952][T17649] ? __pfx_seq_read+0x10/0x10 [ 495.617630][T17649] proc_reg_read+0x23d/0x330 [ 495.622219][T17649] ? __pfx_proc_reg_read+0x10/0x10 [ 495.627329][T17649] vfs_read+0x1df/0xbe0 [ 495.631481][T17649] ? __fget_files+0x1fc/0x3a0 [ 495.636158][T17649] ? __pfx___mutex_lock+0x10/0x10 [ 495.641184][T17649] ? __pfx_vfs_read+0x10/0x10 [ 495.645865][T17649] ? __fget_files+0x206/0x3a0 [ 495.650549][T17649] ksys_read+0x12b/0x250 [ 495.654794][T17649] ? __pfx_ksys_read+0x10/0x10 [ 495.659556][T17649] ? rcu_is_watching+0x12/0xc0 [ 495.664324][T17649] ? rcu_is_watching+0x12/0xc0 [ 495.669089][T17649] do_syscall_64+0xcd/0x250 [ 495.673598][T17649] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 495.679498][T17649] RIP: 0033:0x7f0212785d29 [ 495.683908][T17649] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 495.703517][T17649] RSP: 002b:00007f02135f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 495.711954][T17649] RAX: ffffffffffffffda RBX: 00007f0212975fa0 RCX: 00007f0212785d29 [ 495.719944][T17649] RDX: 0000000000000009 RSI: 00000000200000c0 RDI: 0000000000000004 [ 495.727928][T17649] RBP: 00007f02135f6090 R08: 0000000000000000 R09: 0000000000000000 [ 495.735910][T17649] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 495.743882][T17649] R13: 0000000000000000 R14: 00007f0212975fa0 R15: 00007ffc5b117078 [ 495.751864][T17649] [ 496.085664][T17657] netlink: 342 bytes leftover after parsing attributes in process `syz.1.3096'. [ 496.126798][T17657] netlink: 342 bytes leftover after parsing attributes in process `syz.1.3096'. [ 496.136828][T17657] netlink: 342 bytes leftover after parsing attributes in process `syz.1.3096'. [ 496.146307][T17657] netlink: 342 bytes leftover after parsing attributes in process `syz.1.3096'. [ 496.155986][T17657] netlink: 342 bytes leftover after parsing attributes in process `syz.1.3096'. [ 496.609969][T17670] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3099'. [ 496.725056][T17675] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 497.002230][T17689] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 497.044256][T17689] FAULT_INJECTION: forcing a failure. [ 497.044256][T17689] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 497.070904][T17689] CPU: 0 UID: 0 PID: 17689 Comm: syz.1.3105 Not tainted 6.13.0-rc4-syzkaller-00071-gfd0584d220fe #0 [ 497.081726][T17689] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 497.091806][T17689] Call Trace: [ 497.095188][T17689] [ 497.098136][T17689] dump_stack_lvl+0x16c/0x1f0 [ 497.102843][T17689] should_fail_ex+0x497/0x5b0 [ 497.107560][T17689] _copy_to_user+0x32/0xd0 [ 497.112015][T17689] simple_read_from_buffer+0xd0/0x160 [ 497.117412][T17689] proc_fail_nth_read+0x198/0x270 [ 497.122472][T17689] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 497.128055][T17689] ? bpf_lsm_file_permission+0x9/0x10 [ 497.133635][T17689] ? security_file_permission+0x71/0x210 [ 497.139292][T17689] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 497.144874][T17689] vfs_read+0x1df/0xbe0 [ 497.149064][T17689] ? __fget_files+0x1fc/0x3a0 [ 497.153766][T17689] ? __pfx___mutex_lock+0x10/0x10 [ 497.158817][T17689] ? __pfx_vfs_read+0x10/0x10 [ 497.163520][T17689] ? __fget_files+0x206/0x3a0 [ 497.168227][T17689] ksys_read+0x12b/0x250 [ 497.172499][T17689] ? __pfx_ksys_read+0x10/0x10 [ 497.177285][T17689] ? rcu_is_watching+0x12/0xc0 [ 497.182074][T17689] ? rcu_is_watching+0x12/0xc0 [ 497.186867][T17689] do_syscall_64+0xcd/0x250 [ 497.191401][T17689] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 497.197323][T17689] RIP: 0033:0x7f021278473c [ 497.201760][T17689] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 497.221389][T17689] RSP: 002b:00007f02135f6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 497.229832][T17689] RAX: ffffffffffffffda RBX: 00007f0212975fa0 RCX: 00007f021278473c [ 497.237829][T17689] RDX: 000000000000000f RSI: 00007f02135f60a0 RDI: 0000000000000005 [ 497.245822][T17689] RBP: 00007f02135f6090 R08: 0000000000000000 R09: 0000000000000000 [ 497.253818][T17689] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 497.261812][T17689] R13: 0000000000000000 R14: 00007f0212975fa0 R15: 00007ffc5b117078 [ 497.269812][T17689] [ 497.430836][T17695] netlink: 'syz.1.3106': attribute type 1 has an invalid length. [ 497.936032][T17708] netlink: 'syz.3.3109': attribute type 1 has an invalid length. [ 498.422656][T17723] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 498.563600][T17730] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 499.025748][T17739] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3118'. [ 499.160859][T17745] FAULT_INJECTION: forcing a failure. [ 499.160859][T17745] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 499.178758][T17745] CPU: 0 UID: 0 PID: 17745 Comm: syz.2.3119 Not tainted 6.13.0-rc4-syzkaller-00071-gfd0584d220fe #0 [ 499.189570][T17745] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 499.199649][T17745] Call Trace: [ 499.202944][T17745] [ 499.205883][T17745] dump_stack_lvl+0x16c/0x1f0 [ 499.210586][T17745] should_fail_ex+0x497/0x5b0 [ 499.215288][T17745] _copy_from_user+0x2e/0xd0 [ 499.219905][T17745] copy_msghdr_from_user+0x99/0x160 [ 499.225129][T17745] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 499.230969][T17745] ? kfree+0x274/0x4b0 [ 499.235061][T17745] ? __pfx__kstrtoull+0x10/0x10 [ 499.239931][T17745] ? lock_release+0x4e2/0x6f0 [ 499.244628][T17745] ___sys_sendmsg+0xff/0x1e0 [ 499.249249][T17745] ? __pfx____sys_sendmsg+0x10/0x10 [ 499.254475][T17745] ? __pfx_kstrtouint+0x10/0x10 [ 499.259350][T17745] ? rcu_is_watching+0x12/0xc0 [ 499.264140][T17745] ? __pfx___might_resched+0x10/0x10 [ 499.269450][T17745] ? __might_fault+0xe3/0x190 [ 499.274157][T17745] __sys_sendmmsg+0x201/0x420 [ 499.278863][T17745] ? __pfx___sys_sendmmsg+0x10/0x10 [ 499.284096][T17745] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 499.290110][T17745] ? fput+0x67/0x440 [ 499.294035][T17745] ? ksys_write+0x1ba/0x250 [ 499.298558][T17745] ? __pfx_ksys_write+0x10/0x10 [ 499.303437][T17745] __x64_sys_sendmmsg+0x9c/0x100 [ 499.308409][T17745] do_syscall_64+0xcd/0x250 [ 499.312945][T17745] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 499.318865][T17745] RIP: 0033:0x7f9c85785d29 [ 499.323296][T17745] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 499.342925][T17745] RSP: 002b:00007f9c86535038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 499.351366][T17745] RAX: ffffffffffffffda RBX: 00007f9c85975fa0 RCX: 00007f9c85785d29 [ 499.359362][T17745] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 499.367349][T17745] RBP: 00007f9c86535090 R08: 0000000000000000 R09: 0000000000000000 [ 499.375345][T17745] R10: 0000000007fffffe R11: 0000000000000246 R12: 0000000000000002 [ 499.383340][T17745] R13: 0000000000000000 R14: 00007f9c85975fa0 R15: 00007fff4faea168 [ 499.391337][T17745] [ 499.505746][T17754] netlink: 'syz.0.3122': attribute type 1 has an invalid length. [ 499.582572][T17752] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3121'. [ 500.758380][T17779] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 500.871229][T17791] netlink: 'syz.0.3141': attribute type 1 has an invalid length. [ 500.976877][T17795] Process accounting resumed [ 501.022788][T17789] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3133'. [ 501.487762][T17775] netlink: 322 bytes leftover after parsing attributes in process `syz.1.3127'. [ 502.168160][ T1293] ieee802154 phy0 wpan0: encryption failed: -22 [ 502.174696][ T1293] ieee802154 phy1 wpan1: encryption failed: -22 [ 502.190003][T17819] netlink: 'syz.0.3140': attribute type 1 has an invalid length. [ 502.190049][T17818] FAULT_INJECTION: forcing a failure. [ 502.190049][T17818] name failslab, interval 1, probability 0, space 0, times 0 [ 502.211700][T17818] CPU: 1 UID: 0 PID: 17818 Comm: syz.1.3142 Not tainted 6.13.0-rc4-syzkaller-00071-gfd0584d220fe #0 [ 502.222498][T17818] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 502.232573][T17818] Call Trace: [ 502.235866][T17818] [ 502.238809][T17818] dump_stack_lvl+0x16c/0x1f0 [ 502.243517][T17818] should_fail_ex+0x497/0x5b0 [ 502.248225][T17818] ? rcu_is_watching+0x12/0xc0 [ 502.253020][T17818] should_failslab+0xc2/0x120 [ 502.257740][T17818] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 502.263151][T17818] ? do_raw_spin_lock+0x12d/0x2c0 [ 502.268207][T17818] ? dst_alloc+0x99/0x1a0 [ 502.272565][T17818] dst_alloc+0x99/0x1a0 [ 502.276745][T17818] rt_dst_alloc+0x35/0x3a0 [ 502.281203][T17818] ip_route_output_key_hash_rcu+0x8a5/0x2770 [ 502.287216][T17818] ip_route_output_key_hash+0x138/0x2e0 [ 502.292794][T17818] ? __pfx_ip_route_output_key_hash+0x10/0x10 [ 502.298890][T17818] ? rcu_is_watching+0x12/0xc0 [ 502.303686][T17818] ? __pfx_lock_release+0x10/0x10 [ 502.308735][T17818] ? trace_lock_acquire+0x14e/0x1f0 [ 502.313964][T17818] ? udp_sendmsg+0x1d9a/0x29b0 [ 502.318761][T17818] ip_route_output_flow+0x27/0x150 [ 502.323903][T17818] udp_sendmsg+0x1b92/0x29b0 [ 502.328524][T17818] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 502.334097][T17818] ? __pfx_udp_sendmsg+0x10/0x10 [ 502.339072][T17818] ? rcu_is_watching+0x12/0xc0 [ 502.343870][T17818] ? __pfx_lock_release+0x10/0x10 [ 502.348920][T17818] ? trace_pid_list_is_set+0x4c/0x150 [ 502.354314][T17818] ? finish_task_switch.isra.0+0x212/0xcc0 [ 502.360141][T17818] ? __pfx___might_resched+0x10/0x10 [ 502.365446][T17818] ? rcu_is_watching+0x12/0xc0 [ 502.370234][T17818] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 502.376161][T17818] ? aa_sk_perm+0x2f5/0xb20 [ 502.380699][T17818] ? __pfx_udp_sendmsg+0x10/0x10 [ 502.385671][T17818] inet_sendmsg+0x105/0x140 [ 502.390194][T17818] ____sys_sendmsg+0x907/0xb40 [ 502.394979][T17818] ? copy_msghdr_from_user+0x10b/0x160 [ 502.400473][T17818] ? __pfx_____sys_sendmsg+0x10/0x10 [ 502.405784][T17818] ? kfree+0x274/0x4b0 [ 502.409873][T17818] ? __pfx__kstrtoull+0x10/0x10 [ 502.414747][T17818] ___sys_sendmsg+0x135/0x1e0 [ 502.419451][T17818] ? __pfx____sys_sendmsg+0x10/0x10 [ 502.424680][T17818] ? rcu_is_watching+0x12/0xc0 [ 502.429474][T17818] ? __pfx___might_resched+0x10/0x10 [ 502.434791][T17818] ? __might_fault+0xe3/0x190 [ 502.439497][T17818] __sys_sendmmsg+0x201/0x420 [ 502.444215][T17818] ? __pfx___sys_sendmmsg+0x10/0x10 [ 502.449466][T17818] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 502.455482][T17818] ? fput+0x67/0x440 [ 502.459410][T17818] ? ksys_write+0x1ba/0x250 [ 502.463032][T17822] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 502.463924][T17818] ? __pfx_ksys_write+0x10/0x10 [ 502.476570][T17818] __x64_sys_sendmmsg+0x9c/0x100 [ 502.481535][T17818] do_syscall_64+0xcd/0x250 [ 502.486068][T17818] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 502.491974][T17818] RIP: 0033:0x7f0212785d29 [ 502.496401][T17818] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 502.516001][T17818] RSP: 002b:00007f02135f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 502.524427][T17818] RAX: ffffffffffffffda RBX: 00007f0212975fa0 RCX: 00007f0212785d29 [ 502.532394][T17818] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 502.540356][T17818] RBP: 00007f02135f6090 R08: 0000000000000000 R09: 0000000000000000 [ 502.548335][T17818] R10: 0000000007fffffe R11: 0000000000000246 R12: 0000000000000002 [ 502.556311][T17818] R13: 0000000000000000 R14: 00007f0212975fa0 R15: 00007ffc5b117078 [ 502.564279][T17818] [ 502.660609][T17825] netlink: 'syz.3.3145': attribute type 1 has an invalid length. [ 502.782644][T17832] netlink: 'syz.2.3147': attribute type 1 has an invalid length. [ 504.317343][ T29] audit: type=1800 audit(4294967297.700:20): pid=17864 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.3156" name="features" dev="configfs" ino=64127 res=0 errno=0 [ 504.318853][T17864] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 504.460323][T17866] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3155'. [ 504.550022][T17871] netlink: 'syz.0.3158': attribute type 1 has an invalid length. [ 504.929197][T17879] netlink: 'syz.1.3160': attribute type 1 has an invalid length. [ 505.080653][T17882] netlink: 'syz.3.3161': attribute type 1 has an invalid length. [ 506.770953][T17929] netlink: 'syz.3.3171': attribute type 1 has an invalid length. [ 508.140072][T17946] netlink: 'syz.1.3183': attribute type 1 has an invalid length. [ 508.218343][T17948] netlink: 'syz.2.3174': attribute type 1 has an invalid length. [ 509.334227][T17962] netlink: 'syz.1.3175': attribute type 1 has an invalid length. [ 509.619680][T17966] netlink: 'syz.2.3188': attribute type 1 has an invalid length. [ 510.622874][T17994] WARNING! power/level is deprecated; use power/control instead [ 511.603680][T18014] netlink: 'syz.3.3194': attribute type 1 has an invalid length. [ 512.132579][T18032] FAULT_INJECTION: forcing a failure. [ 512.132579][T18032] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 512.167875][T18032] CPU: 1 UID: 0 PID: 18032 Comm: syz.3.3197 Not tainted 6.13.0-rc4-syzkaller-00071-gfd0584d220fe #0 [ 512.178698][T18032] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 512.188771][T18032] Call Trace: [ 512.192062][T18032] [ 512.195007][T18032] dump_stack_lvl+0x16c/0x1f0 [ 512.199708][T18032] should_fail_ex+0x497/0x5b0 [ 512.204414][T18032] _copy_from_user+0x2e/0xd0 [ 512.209035][T18032] copy_msghdr_from_user+0x99/0x160 [ 512.214270][T18032] ? __pfx_copy_msghdr_from_user+0x10/0x10 [ 512.220112][T18032] ? kfree+0x274/0x4b0 [ 512.224203][T18032] ? __pfx__kstrtoull+0x10/0x10 [ 512.229070][T18032] ? lock_release+0x4e2/0x6f0 [ 512.233775][T18032] ___sys_sendmsg+0xff/0x1e0 [ 512.238394][T18032] ? __pfx____sys_sendmsg+0x10/0x10 [ 512.243616][T18032] ? __pfx_kstrtouint+0x10/0x10 [ 512.248489][T18032] ? rcu_is_watching+0x12/0xc0 [ 512.253285][T18032] ? __pfx___might_resched+0x10/0x10 [ 512.258681][T18032] ? __might_fault+0xe3/0x190 [ 512.263393][T18032] __sys_sendmmsg+0x201/0x420 [ 512.268105][T18032] ? __pfx___sys_sendmmsg+0x10/0x10 [ 512.273337][T18032] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 512.279358][T18032] ? fput+0x67/0x440 [ 512.283285][T18032] ? ksys_write+0x1ba/0x250 [ 512.287812][T18032] ? __pfx_ksys_write+0x10/0x10 [ 512.292684][T18032] __x64_sys_sendmmsg+0x9c/0x100 [ 512.297650][T18032] do_syscall_64+0xcd/0x250 [ 512.302180][T18032] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 512.308127][T18032] RIP: 0033:0x7f04e3985d29 [ 512.312561][T18032] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 512.332190][T18032] RSP: 002b:00007f04e475b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 512.340643][T18032] RAX: ffffffffffffffda RBX: 00007f04e3b75fa0 RCX: 00007f04e3985d29 [ 512.348637][T18032] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 512.356633][T18032] RBP: 00007f04e475b090 R08: 0000000000000000 R09: 0000000000000000 [ 512.364624][T18032] R10: 0000000007fffffe R11: 0000000000000246 R12: 0000000000000002 [ 512.372614][T18032] R13: 0000000000000000 R14: 00007f04e3b75fa0 R15: 00007ffdadfd19e8 [ 512.380608][T18032] [ 512.589474][T18040] netlink: 'syz.2.3201': attribute type 1 has an invalid length. [ 513.290621][T18059] nbd: must specify a size in bytes for the device [ 514.250218][T18087] netlink: 'syz.0.3214': attribute type 1 has an invalid length. [ 514.364455][T18090] FAULT_INJECTION: forcing a failure. [ 514.364455][T18090] name failslab, interval 1, probability 0, space 0, times 0 [ 514.404858][T18090] CPU: 0 UID: 0 PID: 18090 Comm: syz.3.3215 Not tainted 6.13.0-rc4-syzkaller-00071-gfd0584d220fe #0 [ 514.415676][T18090] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 514.425839][T18090] Call Trace: [ 514.429123][T18090] [ 514.432056][T18090] dump_stack_lvl+0x16c/0x1f0 [ 514.436744][T18090] should_fail_ex+0x497/0x5b0 [ 514.441427][T18090] ? rcu_is_watching+0x12/0xc0 [ 514.446204][T18090] should_failslab+0xc2/0x120 [ 514.450900][T18090] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 514.456275][T18090] ? do_raw_spin_lock+0x12d/0x2c0 [ 514.461312][T18090] ? dst_alloc+0x99/0x1a0 [ 514.465642][T18090] dst_alloc+0x99/0x1a0 [ 514.469800][T18090] rt_dst_alloc+0x35/0x3a0 [ 514.474225][T18090] ip_route_output_key_hash_rcu+0x8a5/0x2770 [ 514.480212][T18090] ip_route_output_key_hash+0x138/0x2e0 [ 514.485758][T18090] ? __pfx_ip_route_output_key_hash+0x10/0x10 [ 514.491828][T18090] ? rcu_is_watching+0x12/0xc0 [ 514.496604][T18090] ? __pfx_lock_release+0x10/0x10 [ 514.501628][T18090] ? trace_lock_acquire+0x14e/0x1f0 [ 514.506827][T18090] ? udp_sendmsg+0x1d9a/0x29b0 [ 514.511597][T18090] ip_route_output_flow+0x27/0x150 [ 514.516713][T18090] udp_sendmsg+0x1b92/0x29b0 [ 514.521309][T18090] ? __pfx_ip_generic_getfrag+0x10/0x10 [ 514.526872][T18090] ? __pfx_udp_sendmsg+0x10/0x10 [ 514.531820][T18090] ? do_raw_spin_unlock+0x172/0x230 [ 514.537027][T18090] ? rcu_is_watching+0x12/0xc0 [ 514.541792][T18090] ? __pfx_lock_release+0x10/0x10 [ 514.546812][T18090] ? __pfx___might_resched+0x10/0x10 [ 514.552096][T18090] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 514.557994][T18090] ? aa_sk_perm+0x2f5/0xb20 [ 514.562509][T18090] ? __pfx_udp_sendmsg+0x10/0x10 [ 514.567454][T18090] inet_sendmsg+0x105/0x140 [ 514.571956][T18090] ____sys_sendmsg+0x907/0xb40 [ 514.576722][T18090] ? copy_msghdr_from_user+0x10b/0x160 [ 514.582187][T18090] ? __pfx_____sys_sendmsg+0x10/0x10 [ 514.587473][T18090] ? kfree+0x274/0x4b0 [ 514.591541][T18090] ? __pfx__kstrtoull+0x10/0x10 [ 514.596391][T18090] ? lock_release+0x4e2/0x6f0 [ 514.601070][T18090] ___sys_sendmsg+0x135/0x1e0 [ 514.605751][T18090] ? __pfx____sys_sendmsg+0x10/0x10 [ 514.610958][T18090] ? __pfx_kstrtouint+0x10/0x10 [ 514.615809][T18090] ? rcu_is_watching+0x12/0xc0 [ 514.620577][T18090] ? __pfx___might_resched+0x10/0x10 [ 514.625860][T18090] ? __might_fault+0xe3/0x190 [ 514.630551][T18090] __sys_sendmmsg+0x201/0x420 [ 514.635234][T18090] ? __pfx___sys_sendmmsg+0x10/0x10 [ 514.640443][T18090] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 514.646430][T18090] ? fput+0x67/0x440 [ 514.650332][T18090] ? ksys_write+0x1ba/0x250 [ 514.654908][T18090] ? __pfx_ksys_write+0x10/0x10 [ 514.659771][T18090] __x64_sys_sendmmsg+0x9c/0x100 [ 514.664731][T18090] do_syscall_64+0xcd/0x250 [ 514.669242][T18090] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 514.675135][T18090] RIP: 0033:0x7f04e3985d29 [ 514.679546][T18090] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 514.699156][T18090] RSP: 002b:00007f04e475b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 514.707569][T18090] RAX: ffffffffffffffda RBX: 00007f04e3b75fa0 RCX: 00007f04e3985d29 [ 514.715538][T18090] RDX: 00000000000009a6 RSI: 0000000000000000 RDI: 0000000000000003 [ 514.723501][T18090] RBP: 00007f04e475b090 R08: 0000000000000000 R09: 0000000000000000 [ 514.731467][T18090] R10: 0000000007fffffe R11: 0000000000000246 R12: 0000000000000002 [ 514.739439][T18090] R13: 0000000000000000 R14: 00007f04e3b75fa0 R15: 00007ffdadfd19e8 [ 514.747411][T18090] [ 514.783186][ T5841] Bluetooth: hci4: command 0x0406 tx timeout [ 515.736382][T18133] netlink: 'syz.1.3228': attribute type 1 has an invalid length. [ 516.689908][T18156] netlink: 338 bytes leftover after parsing attributes in process `syz.2.3237'. [ 517.744801][T18185] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3243'. [ 517.969188][T18191] delete_channel: no stack [ 518.824210][T18215] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3255'. [ 519.401412][T18235] delete_channel: no stack [ 520.417410][T18258] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3266'. [ 521.188401][T18291] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 524.726109][T18329] Bluetooth: hci5: command 0x0406 tx timeout [ 524.732305][T18329] Bluetooth: hci3: command 0x0406 tx timeout [ 527.424588][T18430] warning: `syz.3.3316' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 528.459790][T18475] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 528.942371][T18490] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 529.093707][T18494] netlink: 'syz.2.3335': attribute type 1 has an invalid length. [ 530.025447][T18526] netlink: 'syz.1.3344': attribute type 1 has an invalid length. [ 531.678782][T18565] netlink: 'syz.0.3355': attribute type 1 has an invalid length. [ 532.168609][T18575] netlink: 'syz.1.3358': attribute type 1 has an invalid length. [ 534.257320][T18628] netlink: 'syz.1.3373': attribute type 1 has an invalid length. [ 537.780100][T18693] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 539.517406][T18727] netlink: 'syz.2.3398': attribute type 1 has an invalid length. [ 541.174655][T18782] FAULT_INJECTION: forcing a failure. [ 541.174655][T18782] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 541.189261][T18780] Process accounting resumed [ 541.224954][T18782] CPU: 1 UID: 0 PID: 18782 Comm: syz.1.3414 Not tainted 6.13.0-rc4-syzkaller-00071-gfd0584d220fe #0 [ 541.235778][T18782] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 541.236872][T18785] netlink: 'syz.0.3416': attribute type 1 has an invalid length. [ 541.245835][T18782] Call Trace: [ 541.245848][T18782] [ 541.245857][T18782] dump_stack_lvl+0x16c/0x1f0 [ 541.245890][T18782] should_fail_ex+0x497/0x5b0 [ 541.269256][T18782] _copy_to_user+0x32/0xd0 [ 541.273706][T18782] simple_read_from_buffer+0xd0/0x160 [ 541.279108][T18782] proc_fail_nth_read+0x198/0x270 [ 541.284170][T18782] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 541.289761][T18782] ? bpf_lsm_file_permission+0x9/0x10 [ 541.295167][T18782] ? security_file_permission+0x71/0x210 [ 541.300837][T18782] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 541.306416][T18782] vfs_read+0x1df/0xbe0 [ 541.310598][T18782] ? __fget_files+0x1fc/0x3a0 [ 541.315302][T18782] ? __pfx___mutex_lock+0x10/0x10 [ 541.320359][T18782] ? __pfx_vfs_read+0x10/0x10 [ 541.325065][T18782] ? __fget_files+0x206/0x3a0 [ 541.329764][T18782] ksys_read+0x12b/0x250 [ 541.334018][T18782] ? __pfx_ksys_read+0x10/0x10 [ 541.338810][T18782] ? rcu_is_watching+0x12/0xc0 [ 541.343578][T18782] ? rcu_is_watching+0x12/0xc0 [ 541.348345][T18782] do_syscall_64+0xcd/0x250 [ 541.352853][T18782] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 541.358752][T18782] RIP: 0033:0x7f021278473c [ 541.363162][T18782] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 541.382799][T18782] RSP: 002b:00007f02135f6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 541.391216][T18782] RAX: ffffffffffffffda RBX: 00007f0212975fa0 RCX: 00007f021278473c [ 541.399188][T18782] RDX: 000000000000000f RSI: 00007f02135f60a0 RDI: 0000000000000004 [ 541.407155][T18782] RBP: 00007f02135f6090 R08: 0000000000000000 R09: 0000000000000000 [ 541.415233][T18782] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 541.423203][T18782] R13: 0000000000000000 R14: 00007f0212975fa0 R15: 00007ffc5b117078 [ 541.431178][T18782] [ 541.710543][T18796] netlink: 'syz.2.3419': attribute type 1 has an invalid length. [ 542.907254][T18828] netlink: 'syz.3.3430': attribute type 1 has an invalid length. [ 544.167948][T18853] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 544.353546][T18862] netlink: 'syz.2.3443': attribute type 1 has an invalid length. [ 546.734789][T18915] netlink: 'syz.3.3456': attribute type 1 has an invalid length. [ 549.217533][T18971] netlink: 'syz.2.3471': attribute type 1 has an invalid length. [ 550.326766][ T5841] Bluetooth: hci1: command 0x0406 tx timeout [ 550.818052][T19025] netlink: 'syz.3.3484': attribute type 3 has an invalid length. [ 550.884997][T19025] netlink: 334 bytes leftover after parsing attributes in process `syz.3.3484'. [ 552.475325][T19079] netlink: 'syz.1.3498': attribute type 1 has an invalid length. [ 553.939417][T19121] FAULT_INJECTION: forcing a failure. [ 553.939417][T19121] name failslab, interval 1, probability 0, space 0, times 0 [ 553.971069][T19121] CPU: 0 UID: 0 PID: 19121 Comm: syz.1.3509 Not tainted 6.13.0-rc4-syzkaller-00071-gfd0584d220fe #0 [ 553.981977][T19121] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 553.992046][T19121] Call Trace: [ 553.995331][T19121] [ 553.998276][T19121] dump_stack_lvl+0x16c/0x1f0 [ 554.002981][T19121] should_fail_ex+0x497/0x5b0 [ 554.007686][T19121] ? fs_reclaim_acquire+0xae/0x150 [ 554.012822][T19121] should_failslab+0xc2/0x120 [ 554.017529][T19121] __kmalloc_node_noprof+0xd1/0x520 [ 554.022754][T19121] ? lock_release+0x4e2/0x6f0 [ 554.027447][T19121] ? __kvmalloc_node_noprof+0xad/0x1a0 [ 554.032934][T19121] __kvmalloc_node_noprof+0xad/0x1a0 [ 554.038249][T19121] seq_read_iter+0x82a/0x12b0 [ 554.042949][T19121] ? rcu_is_watching+0x12/0xc0 [ 554.047734][T19121] ? __pfx_aa_file_perm+0x10/0x10 [ 554.052781][T19121] seq_read+0x39f/0x4e0 [ 554.056957][T19121] ? __pfx_seq_read+0x10/0x10 [ 554.061087][T19124] snd_virmidi snd_virmidi.0: control 5:9:0:IAªƒ>/Æ[k<÷ÎÇmgx­Ž¬<Ú5ºœ+-Cî°ÜYÈÝ5:0 is already present [ 554.061645][T19121] ? bpf_lsm_file_permission+0x9/0x10 [ 554.077706][T19121] ? security_file_permission+0x71/0x210 [ 554.083360][T19121] ? __pfx_seq_read+0x10/0x10 [ 554.088058][T19121] vfs_read+0x1df/0xbe0 [ 554.092241][T19121] ? __fget_files+0x1fc/0x3a0 [ 554.096946][T19121] ? __pfx___mutex_lock+0x10/0x10 [ 554.101994][T19121] ? __pfx_vfs_read+0x10/0x10 [ 554.106698][T19121] ? __fget_files+0x206/0x3a0 [ 554.111404][T19121] ksys_read+0x12b/0x250 [ 554.115670][T19121] ? __pfx_ksys_read+0x10/0x10 [ 554.120455][T19121] ? rcu_is_watching+0x12/0xc0 [ 554.125251][T19121] ? rcu_is_watching+0x12/0xc0 [ 554.130043][T19121] do_syscall_64+0xcd/0x250 [ 554.134576][T19121] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 554.140502][T19121] RIP: 0033:0x7f0212785d29 [ 554.144939][T19121] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 554.164570][T19121] RSP: 002b:00007f02135f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 554.173060][T19121] RAX: ffffffffffffffda RBX: 00007f0212975fa0 RCX: 00007f0212785d29 [ 554.181052][T19121] RDX: 00000000196d083b RSI: 0000000020000240 RDI: 0000000000000003 [ 554.189051][T19121] RBP: 00007f02135f6090 R08: 0000000000000000 R09: 0000000000000000 [ 554.197045][T19121] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 554.205034][T19121] R13: 0000000000000000 R14: 00007f0212975fa0 R15: 00007ffc5b117078 [ 554.213036][T19121] [ 555.807253][T19182] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 556.680960][T19235] netlink: 'syz.3.3536': attribute type 1 has an invalid length. [ 557.145324][T19242] ecryptfs_miscdev_write: Acceptable packet size range is [6-531], but amount of data written is [3]. [ 557.512688][T19262] FAULT_INJECTION: forcing a failure. [ 557.512688][T19262] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 557.525923][T19262] CPU: 0 UID: 0 PID: 19262 Comm: syz.2.3543 Not tainted 6.13.0-rc4-syzkaller-00071-gfd0584d220fe #0 [ 557.536716][T19262] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 557.546824][T19262] Call Trace: [ 557.550120][T19262] [ 557.553058][T19262] dump_stack_lvl+0x16c/0x1f0 [ 557.557768][T19262] should_fail_ex+0x497/0x5b0 [ 557.562483][T19262] _copy_to_user+0x32/0xd0 [ 557.566929][T19262] simple_read_from_buffer+0xd0/0x160 [ 557.572325][T19262] proc_fail_nth_read+0x198/0x270 [ 557.577382][T19262] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 557.582963][T19262] ? bpf_lsm_file_permission+0x9/0x10 [ 557.588362][T19262] ? security_file_permission+0x71/0x210 [ 557.594020][T19262] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 557.599601][T19262] vfs_read+0x1df/0xbe0 [ 557.603786][T19262] ? __fget_files+0x1fc/0x3a0 [ 557.608500][T19262] ? __pfx___mutex_lock+0x10/0x10 [ 557.613558][T19262] ? __pfx_vfs_read+0x10/0x10 [ 557.618266][T19262] ? __fget_files+0x206/0x3a0 [ 557.622969][T19262] ksys_read+0x12b/0x250 [ 557.627237][T19262] ? __pfx_ksys_read+0x10/0x10 [ 557.632038][T19262] ? rcu_is_watching+0x12/0xc0 [ 557.636828][T19262] ? rcu_is_watching+0x12/0xc0 [ 557.641624][T19262] do_syscall_64+0xcd/0x250 [ 557.646157][T19262] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 557.652073][T19262] RIP: 0033:0x7f9c8578473c [ 557.656503][T19262] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48 [ 557.676151][T19262] RSP: 002b:00007f9c86535030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 557.684595][T19262] RAX: ffffffffffffffda RBX: 00007f9c85975fa0 RCX: 00007f9c8578473c [ 557.692589][T19262] RDX: 000000000000000f RSI: 00007f9c865350a0 RDI: 0000000000000004 [ 557.700579][T19262] RBP: 00007f9c86535090 R08: 0000000000000000 R09: 0000000000000000 [ 557.708568][T19262] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 557.716557][T19262] R13: 0000000000000000 R14: 00007f9c85975fa0 R15: 00007fff4faea168 [ 557.724647][T19262] [ 558.548225][T19316] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3557'. [ 558.612545][T19316] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 558.628416][T19318] netlink: 'syz.0.3558': attribute type 1 has an invalid length. [ 558.643915][T19316] bond0 (unregistering): Released all slaves [ 558.832363][T19326] netlink: 342 bytes leftover after parsing attributes in process `syz.2.3559'. [ 559.700338][T19345] netlink: 342 bytes leftover after parsing attributes in process `syz.1.3563'. [ 561.031121][T19403] raw_sendmsg: syz.3.3580 forgot to set AF_INET. Fix it! [ 561.122503][T19411] netlink: 342 bytes leftover after parsing attributes in process `syz.0.3582'. [ 562.198998][T19427] Bluetooth: hci4: Opcode 0x0c1a failed: -4 [ 562.205263][T19427] Bluetooth: hci4: Opcode 0x0406 failed: -4 [ 562.213376][T19427] Bluetooth: hci5: Opcode 0x0c1a failed: -4 [ 562.219465][T19427] Bluetooth: hci5: Opcode 0x0406 failed: -4 [ 562.227040][T19427] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 562.233138][T19427] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 562.239992][T19427] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 562.247522][T19427] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 562.495061][T19446] device-mapper: ioctl: dm_ctl_ioctl: unknown command 0xfffffd31 [ 562.508702][T19457] nbd: must specify at least one socket [ 562.626972][T15112] can0 (unregistered): slcan off ptm0. [ 563.413374][T19534] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 563.526113][ T5831] Bluetooth: hci4: command 0x0406 tx timeout [ 563.620949][ T1293] ieee802154 phy0 wpan0: encryption failed: -22 [ 563.628151][ T1293] ieee802154 phy1 wpan1: encryption failed: -22 [ 564.011543][T19573] netlink: 'syz.1.3607': attribute type 1 has an invalid length. [ 564.247479][ T5831] Bluetooth: hci1: command 0x0406 tx timeout [ 564.253716][ T5831] Bluetooth: hci3: command 0x0406 tx timeout [ 564.259821][ T5841] Bluetooth: hci5: command 0x0406 tx timeout [ 565.631040][ T5831] Bluetooth: hci4: command 0x0406 tx timeout [ 565.992123][T19638] netlink: 330 bytes leftover after parsing attributes in process `syz.2.3617'. [ 566.326568][ T5831] Bluetooth: hci3: command 0x0406 tx timeout [ 566.339633][ T5841] Bluetooth: hci5: command 0x0406 tx timeout [ 566.345725][T18372] Bluetooth: hci1: command 0x0406 tx timeout [ 566.767464][T19663] netlink: 'syz.2.3621': attribute type 1 has an invalid length. [ 567.045475][T19673] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 567.107713][T19675] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 567.119500][T19673] device-mapper: ioctl: Unable to rename non-existent device, to uuid „ [ 568.644735][T19739] netlink: 'syz.0.3639': attribute type 1 has an invalid length. [ 569.862368][T19766] netlink: 8 bytes leftover after parsing attributes in process `ÿÿòÿÿÿòÿÿÿòÿÿÿò'. [ 569.921585][ T29] audit: type=1800 audit(4294967304.540:21): pid=19766 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm=FFFFF2FFFFFFF2FFFFFFF2FFFFFFF2 name="features" dev="configfs" ino=74193 res=0 errno=0 [ 571.057961][T19810] netlink: 'syz.2.3653': attribute type 1 has an invalid length. [ 572.785837][T19869] netlink: 'syz.1.3668': attribute type 1 has an invalid length. [ 572.833696][T19870] Process accounting resumed [ 573.978731][T19909] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3679'. [ 574.005445][T19909] netlink: 32 bytes leftover after parsing attributes in process `syz.1.3679'. [ 574.105272][T19913] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 574.519630][T19933] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3684'. [ 574.572807][T19934] netlink: 'syz.0.3683': attribute type 16 has an invalid length. [ 574.588857][T19934] netlink: 330 bytes leftover after parsing attributes in process `syz.0.3683'. [ 574.715202][T19939] netlink: 'syz.0.3686': attribute type 1 has an invalid length. [ 575.604110][T19971] snd_aloop snd_aloop.0: Parsing timer source '' failed with -22 [ 575.613699][T19971] Process accounting resumed [ 575.618814][T19971] kstrtoul() returned -22 for lu_gp_id [ 575.874460][T19988] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3701'. [ 575.896716][T19988] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3701'. [ 576.081289][T19999] netlink: 'syz.1.3705': attribute type 1 has an invalid length. [ 576.128604][T20005] netlink: 334 bytes leftover after parsing attributes in process `syz.3.3704'. [ 577.355743][ T29] audit: type=1800 audit(4294967311.970:22): pid=20041 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.3714" name="members" dev="configfs" ino=75230 res=0 errno=0 [ 577.511636][T20051] syz.1.3718 (20051): /proc/20050/oom_adj is deprecated, please use /proc/20050/oom_score_adj instead. [ 577.513672][T20045] ------------[ cut here ]------------ [ 577.528889][T20045] WARNING: CPU: 0 PID: 20045 at mm/page_alloc.c:4729 __alloc_pages_noprof+0xeff/0x25b0 [ 577.535534][T20054] netlink: 'syz.2.3720': attribute type 1 has an invalid length. [ 577.538990][T20045] Modules linked in: [ 577.551324][T20045] CPU: 0 UID: 0 PID: 20045 Comm: syz.0.3716 Not tainted 6.13.0-rc4-syzkaller-00071-gfd0584d220fe #0 [ 577.562346][T20045] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 577.572662][T20045] RIP: 0010:__alloc_pages_noprof+0xeff/0x25b0 [ 577.579033][T20045] Code: 24 2c 00 00 00 00 89 cd 0f 84 8b f9 ff ff 8b 34 24 48 89 da 8b 7c 24 08 e8 de b2 fe ff e9 69 f9 ff ff c6 05 04 6d 16 0e 01 90 <0f> 0b 90 31 db e9 9f f3 ff ff 89 14 24 e8 6f a4 0c 00 8b 14 24 e9 [ 577.598880][T20045] RSP: 0018:ffffc9000bd1f918 EFLAGS: 00010246 [ 577.604982][T20045] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 577.613304][T20045] RDX: 0000000000000000 RSI: 0000000000000013 RDI: 0000000000040cc0 [ 577.621350][T20045] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000 [ 577.629373][T20045] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000013 [ 577.637446][T20045] R13: 0000000000040cc0 R14: 1ffff920017a3f37 R15: 00000000ffffffff [ 577.645555][T20045] FS: 00007f3e0bd876c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000 [ 577.654678][T20045] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 577.661678][T20045] CR2: 0000000020000178 CR3: 0000000033418000 CR4: 00000000003526f0 [ 577.670159][T20045] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 577.678581][T20045] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 577.686773][T20045] Call Trace: [ 577.690082][T20045] [ 577.693033][T20045] ? __warn+0xea/0x3c0 [ 577.697352][T20045] ? __alloc_pages_noprof+0xeff/0x25b0 [ 577.702891][T20045] ? report_bug+0x3c0/0x580 [ 577.707490][T20045] ? handle_bug+0x54/0xa0 [ 577.711854][T20045] ? exc_invalid_op+0x17/0x50 [ 577.716624][T20045] ? asm_exc_invalid_op+0x1a/0x20 [ 577.721685][T20045] ? __alloc_pages_noprof+0xeff/0x25b0 [ 577.727225][T20045] ? __schedule+0xe60/0x5ad0 [ 577.731846][T20045] ? release_sock+0x21/0x220 [ 577.736524][T20045] ? trace_irq_enable.constprop.0+0xea/0x140 [ 577.742653][T20045] ? tcp_sendmsg+0x38/0x50 [ 577.747268][T20045] ? __local_bh_enable_ip+0xa4/0x120 [ 577.752589][T20045] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 577.758859][T20045] ? __pfx___schedule+0x10/0x10 [ 577.763753][T20045] ? rcu_is_watching+0x12/0xc0 [ 577.768826][T20045] ? __pfx_lock_release+0x10/0x10 [ 577.773905][T20045] ? trace_lock_acquire+0x14e/0x1f0 [ 577.779369][T20045] ? __pfx_lock_release+0x10/0x10 [ 577.784428][T20045] ? mtree_load+0xf4/0xa40 [ 577.789049][T20045] ? lock_acquire+0x2f/0xb0 [ 577.793634][T20045] ? mtree_load+0xf4/0xa40 [ 577.798254][T20045] ___kmalloc_large_node+0x84/0x1b0 [ 577.803489][T20045] __kmalloc_large_node_noprof+0x1c/0x70 [ 577.809248][T20045] __kmalloc_node_track_caller_noprof.cold+0x5/0x5f [ 577.815897][T20045] ? bitmap_parselist_user+0x24/0x90 [ 577.821288][T20045] memdup_user_nul+0x2b/0x110 [ 577.826045][T20045] bitmap_parselist_user+0x24/0x90 [ 577.831196][T20045] irq_affinity_list_proc_write+0x148/0x260 [ 577.837196][T20045] ? __pfx_irq_affinity_list_proc_write+0x10/0x10 [ 577.843745][T20045] ? rcu_is_watching+0x12/0xc0 [ 577.848738][T20045] ? trace_lock_acquire+0x14e/0x1f0 [ 577.853978][T20045] ? apparmor_file_permission+0x251/0x400 [ 577.859985][T20045] ? __pfx_irq_affinity_list_proc_write+0x10/0x10 [ 577.866711][T20045] proc_reg_write+0x23d/0x330 [ 577.871638][T20045] ? __pfx_proc_reg_write+0x10/0x10 [ 577.877114][T20045] vfs_write+0x24c/0x1150 [ 577.881483][T20045] ? __fget_files+0x1fc/0x3a0 [ 577.886227][T20045] ? __pfx___mutex_lock+0x10/0x10 [ 577.891405][T20045] ? __pfx_vfs_write+0x10/0x10 [ 577.896406][T20045] ? __fget_files+0x206/0x3a0 [ 577.901120][T20045] ksys_write+0x12b/0x250 [ 577.905479][T20045] ? __pfx_ksys_write+0x10/0x10 [ 577.910416][T20045] ? rcu_is_watching+0x12/0xc0 [ 577.915207][T20045] ? rcu_is_watching+0x12/0xc0 [ 577.920054][T20045] do_syscall_64+0xcd/0x250 [ 577.924591][T20045] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 577.930686][T20045] RIP: 0033:0x7f3e0af85d29 [ 577.935134][T20045] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 577.954970][T20045] RSP: 002b:00007f3e0bd87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 577.963825][T20045] RAX: ffffffffffffffda RBX: 00007f3e0b175fa0 RCX: 00007f3e0af85d29 [ 577.972201][T20045] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003 [ 577.980400][T20045] RBP: 00007f3e0b001b08 R08: 0000000000000000 R09: 0000000000000000 [ 577.988555][T20045] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 577.996754][T20045] R13: 0000000000000000 R14: 00007f3e0b175fa0 R15: 00007ffcfa0bd418 [ 578.004792][T20045] [ 578.008000][T20045] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 578.015303][T20045] CPU: 0 UID: 0 PID: 20045 Comm: syz.0.3716 Not tainted 6.13.0-rc4-syzkaller-00071-gfd0584d220fe #0 [ 578.026089][T20045] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024 [ 578.036166][T20045] Call Trace: [ 578.039464][T20045] [ 578.042423][T20045] dump_stack_lvl+0x3d/0x1f0 [ 578.047054][T20045] panic+0x71d/0x800 [ 578.050987][T20045] ? __pfx_panic+0x10/0x10 [ 578.055438][T20045] ? show_trace_log_lvl+0x29d/0x3d0 [ 578.060668][T20045] ? __alloc_pages_noprof+0xeff/0x25b0 [ 578.066172][T20045] check_panic_on_warn+0xab/0xb0 [ 578.071148][T20045] __warn+0xf6/0x3c0 [ 578.075088][T20045] ? __alloc_pages_noprof+0xeff/0x25b0 [ 578.080600][T20045] report_bug+0x3c0/0x580 [ 578.084970][T20045] handle_bug+0x54/0xa0 [ 578.089183][T20045] exc_invalid_op+0x17/0x50 [ 578.093733][T20045] asm_exc_invalid_op+0x1a/0x20 [ 578.098623][T20045] RIP: 0010:__alloc_pages_noprof+0xeff/0x25b0 [ 578.104738][T20045] Code: 24 2c 00 00 00 00 89 cd 0f 84 8b f9 ff ff 8b 34 24 48 89 da 8b 7c 24 08 e8 de b2 fe ff e9 69 f9 ff ff c6 05 04 6d 16 0e 01 90 <0f> 0b 90 31 db e9 9f f3 ff ff 89 14 24 e8 6f a4 0c 00 8b 14 24 e9 [ 578.124374][T20045] RSP: 0018:ffffc9000bd1f918 EFLAGS: 00010246 [ 578.130453][T20045] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 578.138429][T20045] RDX: 0000000000000000 RSI: 0000000000000013 RDI: 0000000000040cc0 [ 578.146410][T20045] RBP: 0000000000000000 R08: 0000000000000005 R09: 0000000000000000 [ 578.154384][T20045] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000013 [ 578.162361][T20045] R13: 0000000000040cc0 R14: 1ffff920017a3f37 R15: 00000000ffffffff [ 578.170343][T20045] ? __schedule+0xe60/0x5ad0 [ 578.174943][T20045] ? release_sock+0x21/0x220 [ 578.179554][T20045] ? trace_irq_enable.constprop.0+0xea/0x140 [ 578.185543][T20045] ? tcp_sendmsg+0x38/0x50 [ 578.189963][T20045] ? __local_bh_enable_ip+0xa4/0x120 [ 578.195257][T20045] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 578.201000][T20045] ? __pfx___schedule+0x10/0x10 [ 578.205862][T20045] ? rcu_is_watching+0x12/0xc0 [ 578.210646][T20045] ? __pfx_lock_release+0x10/0x10 [ 578.215682][T20045] ? trace_lock_acquire+0x14e/0x1f0 [ 578.220895][T20045] ? __pfx_lock_release+0x10/0x10 [ 578.225922][T20045] ? mtree_load+0xf4/0xa40 [ 578.230352][T20045] ? lock_acquire+0x2f/0xb0 [ 578.234855][T20045] ? mtree_load+0xf4/0xa40 [ 578.239275][T20045] ___kmalloc_large_node+0x84/0x1b0 [ 578.244485][T20045] __kmalloc_large_node_noprof+0x1c/0x70 [ 578.250124][T20045] __kmalloc_node_track_caller_noprof.cold+0x5/0x5f [ 578.256728][T20045] ? bitmap_parselist_user+0x24/0x90 [ 578.262057][T20045] memdup_user_nul+0x2b/0x110 [ 578.266749][T20045] bitmap_parselist_user+0x24/0x90 [ 578.271875][T20045] irq_affinity_list_proc_write+0x148/0x260 [ 578.277783][T20045] ? __pfx_irq_affinity_list_proc_write+0x10/0x10 [ 578.284204][T20045] ? rcu_is_watching+0x12/0xc0 [ 578.288978][T20045] ? trace_lock_acquire+0x14e/0x1f0 [ 578.294184][T20045] ? apparmor_file_permission+0x251/0x400 [ 578.299920][T20045] ? __pfx_irq_affinity_list_proc_write+0x10/0x10 [ 578.306341][T20045] proc_reg_write+0x23d/0x330 [ 578.311025][T20045] ? __pfx_proc_reg_write+0x10/0x10 [ 578.316235][T20045] vfs_write+0x24c/0x1150 [ 578.320577][T20045] ? __fget_files+0x1fc/0x3a0 [ 578.325266][T20045] ? __pfx___mutex_lock+0x10/0x10 [ 578.330386][T20045] ? __pfx_vfs_write+0x10/0x10 [ 578.335168][T20045] ? __fget_files+0x206/0x3a0 [ 578.339857][T20045] ksys_write+0x12b/0x250 [ 578.344191][T20045] ? __pfx_ksys_write+0x10/0x10 [ 578.349050][T20045] ? rcu_is_watching+0x12/0xc0 [ 578.353828][T20045] ? rcu_is_watching+0x12/0xc0 [ 578.358608][T20045] do_syscall_64+0xcd/0x250 [ 578.363125][T20045] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 578.369031][T20045] RIP: 0033:0x7f3e0af85d29 [ 578.373445][T20045] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 578.393064][T20045] RSP: 002b:00007f3e0bd87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 578.401590][T20045] RAX: ffffffffffffffda RBX: 00007f3e0b175fa0 RCX: 00007f3e0af85d29 [ 578.409576][T20045] RDX: 00000000fffffdef RSI: 0000000000000000 RDI: 0000000000000003 [ 578.417553][T20045] RBP: 00007f3e0b001b08 R08: 0000000000000000 R09: 0000000000000000 [ 578.425526][T20045] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 578.433506][T20045] R13: 0000000000000000 R14: 00007f3e0b175fa0 R15: 00007ffcfa0bd418 [ 578.441488][T20045] [ 578.444756][T20045] Kernel Offset: disabled [ 578.449083][T20045] Rebooting in 86400 seconds..